PDF malware analysis — malicious · 39dac236ff95582e

MALICIOUS

PDF

823.6 KB Created: 2006-07-19 23:42:12 Authoring application: This PDF is created by PDF4Free 2.0 (via PDF4U Adobe PDF Creator 2.0)

MD5: 26ea176f7c0c80cbdd115a4a038d3b30 SHA-1: d3d932d80110ec7d54debb769ae13bea1e486de2 SHA-256: 39dac236ff95582e565c6ae6f8383f028a5636a396630211cfc85c692a36bfe1

62 Risk Score

Malware Insights

MITRE ATT&CK

T1059.001 PowerShell

The PDF file contains multiple embedded URLs, one of which is flagged as an external URI. The ClamAV heuristic identifies the file as a known PDF exploit. The presence of these indicators suggests the document is designed to trick users into visiting malicious links, likely to download further malware.

Machine Learning

Nyx PDF Classifier clean score 0.0007

Heuristics 3

ClamAV: Pdf.Exploit.Agent-21380 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Pdf.Exploit.Agent-21380
External URI info PDF_URI

PDF contains an external URL action
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
URL http://www.avt3d.pop.com.br/downloads.htme
- http://www.pdfpdf.com/0.htm
- http://www.avt3d.pop.com.br/tuto.zip
- http://www.avt3d.pop.com.br

Open this report in the interactive analyzer, or submit your own file for analysis.