Need help to understand a JavaScript trojan (decrypted from PDF file)


My Gmail account was hijacked and 400 mails were sent to people I have had contact with over the years. Attached to the mail was a PDF file that Avast and other virus programs have detected as a high threat “JS:Pdfka-gen”, i.e. a general JavaScript PDF threat, I think. But I would like to know what I sent to people and, if possible, which platform could get affected, since some of them unfortunately opened the file.

Attached is the JavaScript trojan that existed in the PDF in clear text. A friend was able to decrypt it for me.

Much obliged for any help on the matter!


Microsoft Malware info

seems it tries to download this

Microsoft malware info

Norman sandbox

s.exe : Not detected by Sandbox (Signature: W32/QHost)

[ DetectionInfo ]
* Filename: C:\analyzer\scan\s.exe.
* Sandbox name: NO_MALWARE
* Signature name: W32/QHost.KHH.
* Compressed: NO.
* TLS hooks: NO.
* Executable type: Application.
* Executable file structure: OK.
* Filetype: PE_I386.

[ General information ]
* File length: 150016 bytes.
* MD5 hash: e968a7f3686450f2b7f0e8368617936e.
* SHA1 hash: bf757408bcab3ecebaa66f2245d4d3bdc8e673b1.

To not be vulnerable to this, it is important to have a fully updated and patched OS and third-party software.
Check this here:
