MALICIOUS
Risk Score: 76
Malware Insights
MITRE ATT&CK: T1059.001 PowerShell
The PDF file exhibits characteristics of malicious intent through its obfuscated object names, as indicated by the ClamAV heuristic firing. While no specific document body content or scripts were extracted for direct analysis of user-facing lures or malicious actions, the embedded file and XFA form suggest an attempt to conceal or execute malicious code. The obfuscation itself is a strong indicator of malicious activity, likely aimed at evading security controls.
Heuristics (3)
- ClamAV: Heuristics.PDF.ObfuscatedNameObject | severity: critical | CLAMAV_DETECTION | ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
- Embedded file | severity: low | PDF_EMBEDDED | PDF embeds a file attachment; could carry an executable or another weaponised document as a nested payload
- XFA form | severity: low | PDF_XFA | PDF uses XML Forms Architecture; can contain script logic