Malicious PDF — malware analysis report

Static analysis result for SHA-256 71684b20d7336072…

  • Verdict: MALICIOUS
  • File type: PDF
  • Size: 1.1 KB
  • MD5: b32f74f1a575cb1fccd684645aee9208
  • SHA-1: 5e3095ed9b7a0c3bb51702ebcbb92475f73a53a1
  • SHA-256: 71684b20d7336072365e43610c894a819ff0f81bf87165dce442776c6fca972a
  • Risk score: 106

Malware Insights

MITRE ATT&CK
  • T1059.007 JavaScript
  • T1203 Exploitation for Client Execution

This PDF file was flagged as malicious by multiple heuristics, including a high-severity ML classifier and ClamAV detection for obfuscated objects. The presence of embedded JavaScript actions and streams indicates an attempt to execute malicious code, likely exploiting a PDF vulnerability to achieve arbitrary code execution.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9999

Heuristics (3)

  • ClamAV: Heuristics.PDF.ObfuscatedNameObject (severity: critical; rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
  • JavaScript action (severity: low; rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low; rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.