MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file –

JPCERT/CC has confirmed that a new technique was used in an attack that occurred in July, which bypasses detection by embedding a malicious Word file into a PDF file. This blog article calls the technique “MalDoc in PDF” hereafter and explains the details of and countermeasures against it.

Overview of MalDoc in PDF

A file created with MalDoc in PDF can be opened in Word even though it has magic numbers and file structure of PDF. If the file has …

article attack blog bypass detection file july maldoc malicious malware analysis pdf word