Malicious PDF — malware analysis report

Static analysis result for SHA-256 79a0d1dcadf10791…

MALICIOUS

PDF

3.6 KB
MD5: 2fbfb340b73e917b94f66fc4d5c5501b
SHA-1: 4a2be836b819ddcbabc8688de08a95932dbace5a
SHA-256: 79a0d1dcadf107917d647156b850326583ca76372c09b9732530322aef89505b
Risk Score: 106

Malware Insights

MITRE ATT&CK
  • T1059.007 JavaScript
  • T1203 Exploitation for Client Execution

Static analysis identified the file as a PDF containing obfuscated JavaScript, strongly indicating malicious intent. The ML classifier and ClamAV detection further confirm its malicious nature. The presence of JavaScript suggests an attempt to execute arbitrary code, likely exploiting a PDF reader vulnerability.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics 3

  • ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
  • JavaScript action low PDF_JAVASCRIPT
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream low PDF_JS
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.