Malicious PDF — malware analysis report

Static analysis result for SHA-256 442a5d4ba32f459f…

Verdict: MALICIOUS
File type: PDF
Size: 1.2 KB
MD5: 9d5d644c4c6ccf7db94b13dd50ca2b12
SHA-1: 90e040c8b00b5855f6f6e1270409d665be2d9ac3
SHA-256: 442a5d4ba32f459f27605400af6fcd87638220953a46794b2c19549c39e14181
Risk Score: 106

Malware Insights

The PDF file was flagged by multiple heuristics, including a critical ClamAV detection for Pdf.Exploit.Agent-36388 and a high ML score. It contains embedded JavaScript, indicating an attempt to execute malicious code upon opening. The primary attack vector appears to be exploiting PDF vulnerabilities to run arbitrary scripts.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics (3)

  • ClamAV: Pdf.Exploit.Agent-36388 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36388
  • JavaScript action (severity: low, rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low, rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.