PDF malware analysis — malicious · 1e183f13a3aaad83

MALICIOUS

PDF

8.2 KB

MD5: c5651afa05fe767616632c7dee968a91 SHA-1: 1605587a3e4bab31c3abc0d23d18e915078fa0d5 SHA-256: 1e183f13a3aaad8311b10c25b8f304d2ce8acd8295723bc657859f622184fed3

76 Risk Score

Malware Insights

MITRE ATT&CK

T1059.001 JavaScript/JScript

The PDF file contains embedded JavaScript, indicated by multiple heuristic firings related to PDF JavaScript actions and streams. ClamAV also flagged the file due to obfuscated objects, suggesting malicious intent. The embedded JavaScript is likely used to execute arbitrary code or exploit vulnerabilities within the PDF reader.

Heuristics 3

ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION

ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Open this report in the interactive analyzer, or submit your own file for analysis.