Malicious PDF — malware analysis report

Static analysis result for SHA-256 2a742f78dd36ed92…

Verdict: MALICIOUS
File type: PDF
Size: 6.0 KB
Risk Score: 76

MD5: c992f4cf13a8441d45af9b52b2f0039e
SHA-1: dbf4695f18f2cd4d36926cd57284c8bdc8ceaf38
SHA-256: 2a742f78dd36ed9287f4e0a1b6a28f904e1edeb4179e34e31d72285774c114eb

Malware Insights

The PDF file contains embedded JavaScript, as indicated by multiple heuristic hits on PDF JavaScript actions and streams. This JavaScript is likely intended to execute malicious code when the document is opened, a common technique for delivering further payloads. The name-object obfuscation flagged by ClamAV suggests a deliberate attempt to hide malicious functionality.

Heuristics (3)

  • ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
  • JavaScript action low PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.