HEUR_PDFEXP.E
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 4,287 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 3,393 |
| First Seen: | October 11, 2012 |
| Last Seen: | September 18, 2023 |
| OS(es) Affected: | Windows |
HEUR_PDFEXP.E is a generic detection that some anti-malware programs use to refer to malicious PDF files that use a known vulnerability in Adobe Reader to install other malware on the infected computer. Due to their nature, HEUR_PDFEXP.E malicious files are typically used in social engineering scams. They will often be disguised as some kind of interesting document related to a top news item. Opening them will often open an actual PDF file that contains some kind of related document. However, in the background, HEUR_PDFEXP.E will exploit a known vulnerability in Adobe Reader that allows criminals to execute malicious code. This means that HEUR_PDFEXP.E files can be used to install malware in the background, often used to install a backdoor on the infected computer without the victim's knowledge. These kinds of covert malware infections are ideal for the installation of spy and banking Trojans that operate in the background undetected.
HEUR_PDFEXP.E and the United States Presidential Campaign
As mentioned before, HEUR_PDFEXP.E attacks will typically use a social engineering approach that takes advantage of top news stories in a particular news cycle. Of course, in October of 2012, few things top the United States Presidential election race in the news. Because of this, HEUR_PDFEXP.E attacks using malicious PDF files claiming to be everything from Mitt Romney's tax returns to facts about Barack Obama and fake news stories from top media outlets. Malware attacks using the 2012 presidential campaigns as a way to reach inexperienced computer users are likely to go on for the next two months. Because of this, ESG malware analysts strongly advise computer users to get their news from a trusted news source and never from unsolicited email messages containing embedded links or attached files.
While most computer users have been educated to avoid opening compressed file attachments (such as those with RAR or ZIP extensions) or executable file attachments (especially those with the EXE extension), many are not aware that malware can be distributed using PDF and even DOC documents. Using known flaws in Adobe Reader and Microsoft Word, criminals can create innocuous documents that actually install malware on the victim's computer. The best way to avoid these attacks is to never open or download unsolicited email attachments, regardless of their extension (which can be easily disguised).
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | Romney V. Obama Tax Policies.pdf |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.