PDF malware analysis — malicious · 53de4f1f2be7e70f

MALICIOUS

PDF

12.6 KB

MD5: 45f228906562dde8930bc451a38b78c4 SHA-1: 97a592d8a22f8f35c25d9d69c0820a4c1dd10904 SHA-256: 53de4f1f2be7e70f148a6b247d2b598cd357d1022a09a3ae760fd53d0ab89162

76 Risk Score

Malware Insights

The file is identified as a malicious PDF by ClamAV with the signature Pdf.Exploit.Agent-36723. Static analysis revealed embedded JavaScript, indicating an attempt to execute malicious code. The primary attack vector appears to be leveraging a PDF vulnerability to run this script.

Heuristics 3

ClamAV: Pdf.Exploit.Agent-36723 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Pdf.Exploit.Agent-36723
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename	Kind	Source	Size
`javascript_obj0076_000.js` `73c7a5bc7b3071ec00dffeec3d8c9a82dd2669d55a5ccf4a232bbd60e05c23a1`	pdf-javascript-stream	PDF /JS object 76 at offset 0x369	11779 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.