PDF malware analysis — malicious · 7348481b1e964dc0

MALICIOUS

PDF

6.1 KB

MD5: 1728f4ff59391f682c316e0b8500c63f SHA-1: 03a7a0a493fb5cdc568253806ce87ec4faab7578 SHA-256: 7348481b1e964dc093e0885ef69b1c3beecb64d7302ba7cd1b24c9c8576abd91

106 Risk Score

Malware Insights

MITRE ATT&CK

T1059.007 JavaScript T1566.001 Spearphishing Attachment

This PDF file contains embedded JavaScript, which is flagged by multiple heuristics including a critical ClamAV detection for obfuscated objects. The ML classifier also strongly indicates maliciousness. The embedded JavaScript is likely intended to execute malicious code upon opening the document, potentially leading to further compromise.

Machine Learning

Nyx PDF Classifier malicious score 1.0000

Heuristics 3

ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION

ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Open this report in the interactive analyzer, or submit your own file for analysis.