Malicious PDF — malware analysis report

Static analysis result for SHA-256 8277157a4afa4fec…

Verdict: MALICIOUS

File type: PDF

Size: 1.4 KB

MD5: 5e86468df1e0832551300925c6fa27d3
SHA-1: b122c0d134584715358a9a01e41416e06b2beb09
SHA-256: 8277157a4afa4fecc662f4c7d3acaccf0e42d49c83454374cd2c39f3e62e1d34

Risk Score: 100

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The PDF contains a launch action that attempts to execute the local program 'notepad.exe'. The document body includes text that prompts the user to click 'Open' to view confidential data, suggesting a social engineering lure to execute the embedded action. The confidence is high due to the direct heuristic firing on the launch action.

Heuristics (2)

  • Launch action (severity: critical, rule: PDF_LAUNCH)
    PDF contains a /Launch action whose target is an executable, URL, or UNC path — can start an external application
  • /Launch action target: notepad.exe (severity: high, rule: PDF_LAUNCH_COMMAND)
    PDF /Launch action specifies an executable target.