Malicious PDF — malware analysis report

Static analysis result for SHA-256 d74bdbf1e6f70925…

MALICIOUS

PDF

  • Size: 2.5 KB
  • Created: 2008-31-20 53:85:00
  • Authoring application: aaaaaaaa
  • MD5: 18fa742eea042c862732aefafa9ecb93
  • SHA-1: 20062ce1bb073488e3ff6782c772d9311e3f1fd3
  • SHA-256: d74bdbf1e6f709256102445995e258a55058151d434100059a31d6005bca30bd
  • Risk Score: 106

Malware Insights

MITRE ATT&CK
T1204.002 User Execution: Malicious File

The file is identified as a malicious PDF by ClamAV and a machine learning classifier. Heuristics indicate the presence of embedded JavaScript, which is commonly used in PDF exploits. The ML classifier's high confidence score and the ClamAV detection strongly suggest malicious intent, likely involving the execution of an exploit via JavaScript.

Machine Learning

  • Nyx PDF Classifier: malicious score 1.0000

Heuristics (3)

  • ClamAV: Pdf.Exploit.Agent-36014 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36014
  • JavaScript action (severity: low, rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low, rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.