Malicious PDF — malware analysis report

Static analysis result for SHA-256 d27398978be86ed2…

Verdict: MALICIOUS
File type: PDF
Size: 112.5 KB
MD5: 5f633c7999313acae6336d3caf72fa37
SHA-1: 9fdfe62f24922d6dbe49b26857044af3c7c02ffb
SHA-256: d27398978be86ed2a9adfbda15487c8b8278c108103068f94e4c9fffbd03ef91
Risk Score: 60

Malware Insights

MITRE ATT&CK: T1204.002 Malicious File

The PDF contains a direct link to an executable or archive payload. This is a common technique for delivering malware. The link is embedded within a click-through URL, which is a social engineering tactic to obscure the true destination. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier: clean score 0.0004

Heuristics (1)

  • PDF link points directly to executable/archive payload (severity: critical, rule: PDF_DIRECT_PAYLOAD_LINK)
    PDF contains a clickable HTTP(S) URI whose path ends in an executable, script, shortcut, disk image, or archive extension. Documents can legitimately link to installers, so this is a high-risk delivery indicator rather than a standalone exploit fingerprint.