PDF malware analysis — malicious · 56af31516beb9746

MALICIOUS

PDF

69.3 KB

MD5: 1c17a7b426aeee877e00f934f4efd81f SHA-1: dfba00abeba336619aebccfa71e1c2a8021556e2 SHA-256: 56af31516beb9746e79e338e8646527eaf4546bf4ba9a469b8c403a382bc702c

60 Risk Score

Malware Insights

MITRE ATT&CK

T1059.001 PowerShell

The file is a PDF document flagged by ClamAV for obfuscated object names, indicating malicious intent. It contains an embedded URL to 'www.bitstream.com', which is likely part of a phishing or social engineering lure. The document body is heavily obfuscated and does not provide clear textual content, but the overall structure and heuristic firing suggest an attempt to deceive the user.

Heuristics 2

ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION

ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL http://www.bitstream.com

Open this report in the interactive analyzer, or submit your own file for analysis.