Malicious PDF — malware analysis report

Static analysis result for SHA-256 92fec509229169ac…

Verdict: MALICIOUS
File type: PDF
Size: 3.9 KB
Risk Score: 62

MD5: 270f0d6fd919b6cbe9bbcc0e921523f0
SHA-1: 3209dd045adbb75e3c0b00ac2588ef4a532e64dc
SHA-256: 92fec509229169ac5fc14d7d38745739344d45cb90300b258992f9c06d8c66e4

Malware Insights

MITRE ATT&CK
T1204 Malicious File

The PDF file was detected as Win.Trojan.MSShellcode-7 by ClamAV, indicating malicious intent. The PDF contains only image data and no readable text, suggesting it's designed to bypass simple content analysis or to present a visual lure. No scripts or further exploitable content were extracted.

Machine Learning

  • Nyx PDF Classifier clean score 0.0247

Heuristics (2)

  • ClamAV: Win.Trojan.MSShellcode-7 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Win.Trojan.MSShellcode-7
  • PDF paints image(s) but contains no text operators [info] [PDF_IMAGE_ONLY_LURE]
    PDF has 1 image XObject(s) and the content stream contains no text-emitting operators (BT/ET, Tj, TJ, ', ") in either raw bytes or decompressed streams — this is the screenshot-as-PDF pattern used to bypass text-based scanners and to deliver instructions purely through rendered pixels. It is informational unless paired with invisible links or risky URI context.