Malicious PDF — malware analysis report

Static analysis result for SHA-256 a8ea9f63d81e0927…

Verdict: MALICIOUS
File type: PDF
File size: 48 B
MD5: 444f1182d4cc5c551f95c836d422d5f5
SHA-1: 2765c432e4015cbf218c659d0c0c8fb9190848d7
SHA-256: a8ea9f63d81e0927b1935af65c5c4ae12be654d6d1d57907772491a65a562aa5
Risk score: 80

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The ML classifier scored this PDF as malicious with high confidence, and a heuristic found that the sample was delivered inside a password-protected archive, which suggests a multi-stage attack. The exact nature of the exploit or payload is not discernible from the provided evidence: at 48 bytes the file cannot hold a complete PDF object structure, let alone an embedded payload, so the verdict rests on the few bytes that are present and on the delivery context rather than on an identified exploit.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.9989

Heuristics (1)

  • Suspicious payload delivered in a password-protected archive (severity: high, ARCHIVE_ENCRYPTED_SUSPICIOUS_DELIVERY)
    The archive was password-protected (it opened with a common malware-analysis password) and its extracted content is independently suspicious. A password-protected wrapper defeats mail gateways and static scanners that cannot open the archive, while the recipient is handed the password in the lure; combined with suspicious content this is the standard malspam delivery pattern. Caveat: because the archive opened with a password that analysts themselves use to share samples, confirm from the original message that it arrived encrypted from the sender rather than being re-wrapped during handling.
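The heuristic is easy to reproduce. The following is an added example, not the analysis platform's code, that mirrors its three checks on a ZIP wrapper: is the archive encrypted (general-purpose flag bit 0 set), does one of a short list of common passwords open it, and is the extracted member suspicious on its own? Because the Python standard library can read but not write ZipCrypto archives, the block carries a minimal ZipCrypto writer solely to build a sample archive in memory. The password list, the member name invoice.pdf and the 48-byte PDF fragment are constructed for the example and are not the analysed file's contents.

```python
"""ARCHIVE_ENCRYPTED_SUSPICIOUS_DELIVERY, worked: detect an encrypted wrapper,
open it with passwords analysts and malspam habitually use, inspect the member.
Example code added to this report, not the platform's; sample data is constructed."""
import io
import os
import struct
import zipfile
import zlib

# Assumed list: passwords used to share samples and by malspam lures.
COMMON_PASSWORDS = ["infected", "malware", "virus", "password", "123456"]
# PDF name objects whose presence in a tiny file is worth flagging.
PDF_SUSPICIOUS_NAMES = [b"/JavaScript", b"/JS", b"/OpenAction", b"/Launch",
                        b"/EmbeddedFile"]

def inspect_pdf(data: bytes) -> list:
    """Content-level indicators for a PDF-looking blob (empty if not a PDF)."""
    indicators = []
    if not data.startswith(b"%PDF-"):
        return indicators
    indicators += [f"contains {n.decode()}" for n in PDF_SUSPICIOUS_NAMES if n in data]
    if b"trailer" not in data and b"startxref" not in data:
        indicators.append("no trailer/startxref: truncated or hand-crafted")
    return indicators

def analyze_archive(archive: bytes, passwords=COMMON_PASSWORDS) -> dict:
    """Encrypted wrapper + common password + suspicious content
    => ARCHIVE_ENCRYPTED_SUSPICIOUS_DELIVERY (tag names assumed)."""
    result = {"encrypted": False, "password": None, "members": {}, "tags": []}
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        infos = zf.infolist()
        result["encrypted"] = any(i.flag_bits & 0x1 for i in infos)  # bit 0: encrypted
        candidates = [p.encode() for p in passwords] if result["encrypted"] else [None]
        for pwd in candidates:
            try:
                members = {i.filename: zf.read(i, pwd=pwd) for i in infos}
            except (RuntimeError, zipfile.BadZipFile):
                continue  # bad password, or a 1-in-256 header-check pass that fails CRC
            result["password"] = pwd.decode() if pwd else None
            break
        else:
            result["tags"].append("ARCHIVE_ENCRYPTED_UNOPENED")
            return result
    for name, data in members.items():
        result["members"][name] = inspect_pdf(data)
    if result["encrypted"] and any(result["members"].values()):
        result["tags"].append("ARCHIVE_ENCRYPTED_SUSPICIOUS_DELIVERY")
    return result

# --- Minimal ZipCrypto (PKWARE traditional) writer, only to build the sample ---
_CRC_TABLE = []
for _i in range(256):
    _c = _i
    for _ in range(8):
        _c = (_c >> 1) ^ 0xEDB88320 if _c & 1 else _c >> 1
    _CRC_TABLE.append(_c)

def _crc_step(crc: int, byte: int) -> int:
    return _CRC_TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)

def zipcrypto_encrypt(password: bytes, crc: int, plaintext: bytes) -> bytes:
    """12-byte header (last byte = high byte of the member CRC) then the
    plaintext, each byte XORed with the key-derived stream and fed back into the keys."""
    k0, k1, k2 = 0x12345678, 0x23456789, 0x34567890
    def update(c):
        nonlocal k0, k1, k2
        k0 = _crc_step(k0, c)
        k1 = ((k1 + (k0 & 0xFF)) * 134775813 + 1) & 0xFFFFFFFF
        k2 = _crc_step(k2, k1 >> 24)
    for b in password:
        update(b)
    out = bytearray()
    for c in os.urandom(11) + bytes([(crc >> 24) & 0xFF]) + plaintext:
        t = k2 | 2
        out.append(c ^ (((t * (t ^ 1)) >> 8) & 0xFF))
        update(c)
    return bytes(out)

def build_encrypted_zip(name: str, data: bytes, password: bytes) -> bytes:
    """One stored member, flag bit 0 set, compressed size includes the 12-byte header."""
    crc = zlib.crc32(data) & 0xFFFFFFFF
    body = zipcrypto_encrypt(password, crc, data)
    fname = name.encode("ascii")
    t, d = 0, 0x21  # DOS time/date: 1980-01-01 00:00
    local = struct.pack("<4sHHHHHIIIHH", b"PK\x03\x04", 20, 1, 0, t, d,
                        crc, len(body), len(data), len(fname), 0) + fname + body
    central = struct.pack("<4sHHHHHHIIIHHHHHII", b"PK\x01\x02", 20, 20, 1, 0, t, d,
                          crc, len(body), len(data), len(fname), 0, 0, 0, 0, 0, 0) + fname
    eocd = struct.pack("<4sHHHHIIH", b"PK\x05\x06", 0, 0, 1, 1, len(central), len(local), 0)
    return local + central + eocd

# Constructed 48-byte PDF fragment (not the analysed file's bytes): the names a
# heuristic keys on, and no trailer, as a file this small cannot be complete.
SAMPLE_PDF = b"%PDF-1.7\n1 0 obj<</OpenAction<</S/JavaScript>>>>"
SAMPLE_ZIP = build_encrypted_zip("invoice.pdf", SAMPLE_PDF, b"infected")

if __name__ == "__main__":
    import json
    print(json.dumps(analyze_archive(SAMPLE_ZIP), indent=2))
```

Running the block prints the result for the constructed sample: the wrapper is flagged as encrypted, "infected" opens it, and the member's indicators raise the delivery tag; passing a password list that does not open it yields ARCHIVE_ENCRYPTED_UNOPENED instead, which is the case a pipeline must still surface rather than silently treat as clean. Real wrappers also arrive as 7z, RAR and AES-encrypted ZIP, which zipfile cannot open; the same three checks apply with a library that can (for example pyzipper for AES ZIP).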