PDF malware analysis — malicious · 031ac605f83f6026

MALICIOUS

PDF

1022 B

MD5: 8a4381b5c87a0dd9d9eda1b5d85a1ae5 SHA-1: c37532ecd6f0c0c2007c2e28bc26fd03ff45c4ec SHA-256: 031ac605f83f60265edde6c9a6e6ec584cd16de0a75f15fb72243b44025a82db

132 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Spearphishing Attachment T1204.002 Malicious File

The PDF file contains a launch action that directs the user to download and execute a file from the URL http://minohosting.com/Habbo Hack.exe. The document body text also contains this URL, reinforcing the malicious intent. The ML classifier strongly flagged this PDF as malicious.

Machine Learning

Nyx PDF Classifier malicious score 0.9996

Heuristics 3

Launch action critical PDF_LAUNCH

PDF contains a /Launch action whose target is an executable, URL, or UNC path — can start an external application
/Launch action target: http://minohosting.com/Habbo Hack.exe high PDF_LAUNCH_COMMAND

PDF /Launch action specifies an executable target.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL http://minohosting.com/Habbo

Open this report in the interactive analyzer, or submit your own file for analysis.