Malicious PDF — malware analysis report

Static analysis result for SHA-256 b24e7b14667d63fb…

MALICIOUS

PDF

6.3 KB
MD5: 1ee7f52b3d2dbd9fbdded6c8daea04c0
SHA-1: 257ef095e41d96e4d63585df7f375f2073ab29f4
SHA-256: b24e7b14667d63fbeab9121caa8ee66b3ad71e2c328a7b59f40229f3c4fc55de
Risk Score: 106

Malware Insights

The PDF was flagged by multiple heuristics, including a critical ClamAV detection for obfuscated objects and a high ML classifier score, indicating malicious intent. Embedded JavaScript actions and streams were also detected, suggesting the PDF is likely used to execute malicious code, potentially exploiting vulnerabilities or downloading further stages.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.9999

Heuristics (3)

  • ClamAV: Heuristics.PDF.ObfuscatedNameObject (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
  • JavaScript action (severity: low, rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low, rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.