is a PDF file with a malformed hyperlink that links to other malware.
This trojan commonly arrives as a file attached to spam email messages with a forged "from" email address. The following is an example of the PDF file content and malicious link:
Downloads other malware
When the malicious PDF file is opened and the embedded hyperlink is visited, it will link to malware hosted on a remote server. In the wild, the hyperlink was linked to malware detected as PWS:Win32/Zbot.gen!R and PWS:Win32/Zbot.gen!U.
Analysis by Rodel Finones
The following system changes may indicate the presence of this malware:
- Receipt of a file named "stratfor.pdf" via email, with a hyperlink that points to a file named "av.zip"