Malicious PDF — malware analysis report

Static analysis result for SHA-256 bff33a687a51a4c9…

Verdict: MALICIOUS
File type: PDF
Size: 2.2 KB
MD5: 0b0bac0dd2ca8acd4f95c19223ccecdb
SHA-1: 1a2026e158bba6f91d9425062a01c51465225c90
SHA-256: bff33a687a51a4c91dc2e5dc2ab7ea62a4de17001b6ed934d98da076f874d7b5
Risk Score: 130

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The file is a PDF document flagged by multiple detection engines, including ClamAV, as malicious. Static analysis identified a launch action, indicating an attempt to exploit a vulnerability within the PDF reader to execute code. The ML classifier also strongly indicated maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9994

Heuristics (2)

  • ClamAV: Win.Exploit.Fnstenv_mov-1 [critical, CLAMAV_DETECTION]
    ClamAV detected this file as malware: Win.Exploit.Fnstenv_mov-1
  • Launch action [high, PDF_LAUNCH]
    PDF contains a /Launch action with an unresolved or extension-less target — treat as potentially dangerous