Malicious PDF — malware analysis report

Static analysis result for SHA-256 c83d83ce2b72ffde…

Verdict: MALICIOUS
File type: PDF
Size: 1014 B
MD5: 5108b38b4d81acab6f38bce9a3d4d28d
SHA-1: 88ff55333f5dd7c08600d6352732df6791dd4bbc
SHA-256: c83d83ce2b72ffdea040f36b23c43a29794f1ec548fe7a807d1551dfc9c5e072
Risk score: 100

Malware Insights

MITRE ATT&CK
T1204.002 User Execution: Malicious File

The PDF file contains a launch action that targets the notepad.exe executable. This is a common technique to trick users into thinking a legitimate process is running, while the actual malicious payload is executed in the background. The document body content is minimal and does not provide further context.

Heuristics (2)

  • Launch action (severity: critical, rule: PDF_LAUNCH)
    PDF contains a /Launch action whose target is an executable, URL, or UNC path; it can start an external application.
  • /Launch action target: notepad.exe (severity: high, rule: PDF_LAUNCH_COMMAND)
    PDF /Launch action specifies an executable target with parameters '\nClear content'.