Execution of Javascripts without the javascript tag

Question

Execution of Javascripts without the javascript tag

Closed this issue 5 years ago · 3 comments

Hi there,
I am trying to generate a test case mentioned on Page 9 of your academic paper.
"However, the count javascript feature is not an accurate count of the number of embedded
JavaScript code pieces in a PDF. It just extracts the number of JavaScript keywords, but these keywords are optional in script execution. The targeted PDF reader will execute the JavaScript
even without the /Javascript keyword."

Can you help me with a test file or hash that can help me replicate this.

Answer 1 · 2016-11-12T15:14:26.000Z

Hi, the hash string and the signature of each seed in our experiment is available at https://github.com/uvasrg/EvadeML/blob/master/utils/36vms_sigs.pickle

Answer 2 · 2016-11-14T17:01:57.000Z

Can you help me in locating the ones that have JS execution without the JS tag. Couldn't locate it from the list you have provided.

Answer 3 · 2020-01-13T19:01:55.000Z

Sorry, I didn't document that. We don't provide malware to the community, but we share the technology we used to produce the samples. The seed PDF malware samples in our experiment are provided by a third-party.