PDF malware analysis — malicious · 0a093719e52ef679

MALICIOUS

PDF

7.1 KB

MD5: d843e61f13fcf5d1a5b16cc921231eb9 SHA-1: 1c4a86781fe5de6a271421938e9fb8f73e8afa8a SHA-256: 0a093719e52ef679feb4251774fd1440412c921429bf02124ff3322d7b221087

106 Risk Score

Malware Insights

MITRE ATT&CK

T1059.007 JavaScript T1203 Exploitation for Client Execution

The PDF file contains embedded JavaScript, indicated by multiple heuristic firings including 'PDF_JAVASCRIPT' and 'PDF_JS'. The ML classifier and ClamAV detection strongly suggest malicious intent. The embedded JavaScript is likely responsible for executing a malicious payload, exploiting a client vulnerability.

Machine Learning

Nyx PDF Classifier malicious score 0.9977

Heuristics 3

ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION

ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Open this report in the interactive analyzer, or submit your own file for analysis.