Malicious PDF — malware analysis report

Static analysis result for SHA-256 b5b6866775f437d9…

Verdict: MALICIOUS
File type: PDF
Size: 3.6 KB
MD5: fc5196ff7d14bda18cd9f89d81f913db
SHA-1: d7b3c4fd3fc926c574c6e6acce43cf597deeef21
SHA-256: b5b6866775f437d9730e3baf4e6d23d512278a613299b17270cfd7cdc999a68b
Risk score: 106

Malware Insights

The PDF file contains embedded JavaScript, indicated by multiple heuristic firings. The ML classifier and ClamAV detection strongly suggest malicious intent, likely related to exploiting vulnerabilities via this JavaScript. No specific family could be identified from the available evidence.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics (3)

  • ClamAV: Heuristics.PDF.ObfuscatedNameObject (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
  • JavaScript action (severity: low, rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low, rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.