CLEAN
2
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious File
The PDF contains embedded JavaScript and a high number of streams, suggesting obfuscation or a malicious payload. The 'Fake invoice / payment lure' heuristic indicates the document's content is designed to deceive the user. While no specific malicious URLs or scripts were extracted, the combination of these factors points to a phishing attempt leveraging a deceptive document.
Heuristics 1
-
Analysis timed out (partial result) info ANALYSIS_TIMEOUT_PARTIALAnalysis exceeded the wall-clock timeout. Heuristics emitted by completed phases are preserved; phases interrupted mid-execution may have missed findings.
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_014_off0010d282.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x10D282 | 4194304 bytes |
SHA-256: f9237074b2765357b856d2d2fc7e1b5f6bc9abc86b87e33e7feaf863340f3dd7 |
|||
stream_016_off012b894b.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x12B894B | 27568 bytes |
SHA-256: 43238e0445bd8ec63bbeed8325c640efdf49e8260254d60bb72a3d3bb846257a |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.