PDF malware analysis — malicious · 1cc16c6fa32532ee

MALICIOUS

PDF

5.0 KB

MD5: fa88ecb178d3059147759471206e23f6 SHA-1: 13fce491953fea2e701d6f35abb70b9a21735545 SHA-256: 1cc16c6fa32532ee9dbf5ca976e4b4dd2800d42650b2f231f5a4745e8d348f86

106 Risk Score

Malware Insights

MITRE ATT&CK

T1204.002 Malicious Link: Malicious File

The PDF file was flagged by multiple heuristics, including a critical ClamAV detection for obfuscated objects and a high ML classifier score. Embedded JavaScript actions and streams were detected, indicating an attempt to execute malicious code. The primary attack pattern involves leveraging PDF vulnerabilities to run embedded scripts.

Machine Learning

Nyx PDF Classifier malicious score 0.9999

Heuristics 3

ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION

ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Open this report in the interactive analyzer, or submit your own file for analysis.