Malicious PDF — malware analysis report

Static analysis result for SHA-256 36b9c301ec9dffe2…

MALICIOUS

PDF

8.4 KB
MD5: 51cf7d397df45a671206f0a2cf20cbab
SHA-1: c70df2f7477a4ef4e78013adfca173a9a6c34a85
SHA-256: 36b9c301ec9dffe2f44c7c278ae27c98ab009e2f7d41d8c45a6ec76c44742875

Risk Score: 76

Malware Insights

The PDF file contains embedded JavaScript, as indicated by the heuristics that fired on a /JavaScript action and a /JS stream. ClamAV also flagged the file as malicious because of obfuscated name objects (Heuristics.PDF.ObfuscatedNameObject). The presence of JavaScript suggests an attempt to execute malicious code when the PDF is opened, likely to download or run a secondary payload.

Heuristics (3)

  • ClamAV: Heuristics.PDF.ObfuscatedNameObject (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
  • JavaScript action (severity: low, rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low, rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.