HEUR_PDFEXP.E

HEUR_PDFEXP.E Description

Type: HEUR Malware

HEUR_PDFEXP.E is a generic detection that some anti-malware programs use to refer to malicious PDF files that use a known vulnerability in Adobe Reader to install other malware on the infected computer. Due to their nature, HEUR_PDFEXP.E malicious files are typically used in social engineering scams. They will often be disguised as some kind of interesting document related to a top news item. Opening them will often open an actual PDF file that contains some kind of related document. However, in the background, HEUR_PDFEXP.E will exploit a known vulnerability in Adobe Reader that allows criminals to execute malicious code. This means that HEUR_PDFEXP.E files can be used to install malware in the background, often used to install a backdoor on the infected computer without the victim's knowledge. These kinds of covert malware infections are ideal for the installation of spy and banking Trojans that operate in the background undetected.

HEUR_PDFEXP.E and the United States Presidential Campaign

As mentioned before, HEUR_PDFEXP.E attacks will typically use a social engineering approach that takes advantage of top news stories in a particular news cycle. Of course, in October of 2012, few things top the United States Presidential election race in the news. Because of this, HEUR_PDFEXP.E attacks using malicious PDF files claiming to be everything from Mitt Romney's tax returns to facts about Barack Obama and fake news stories from top media outlets. Malware attacks using the 2012 presidential campaigns as a way to reach inexperienced computer users are likely to go on for the next two months. Because of this, ESG malware analysts strongly advise computer users to get their news from a trusted news source and never from unsolicited email messages containing embedded links or attached files.

While most computer users have been educated to avoid opening compressed file attachments (such as those with RAR or ZIP extensions) or executable file attachments (especially those with the EXE extension), many are not aware that malware can be distributed using PDF and even DOC documents. Using known flaws in Adobe Reader and Microsoft Word, criminals can create innocuous documents that actually install malware on the victim's computer. The best way to avoid these attacks is to never open or download unsolicited email attachments, regardless of their extension (which can be easily disguised).

Technical Information

File System Details

HEUR_PDFEXP.E creates the following file(s):
Expand All | Collapse All
# File Name Detection Count
1 Romney V. Obama Tax Policies.pdf N/A

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.
By Sumo3000 in Malware
Threat Scorecard
Ranking: 2,260
Threat Level: 100 % (High)
Infected Computers: 2,472
First Seen: October 11, 2012
Last Seen: May 1, 2022
OS(es) Affected: Windows