Malicious PDF — malware analysis report

Static analysis result for SHA-256 e7ca4038fdd10d1d…

Verdict: MALICIOUS

File type: PDF

Size: 1.0 KB

MD5: c18d34d1cc10c83b2c97e2c5d12d92b6
SHA-1: f298e6d77d739b3ac25c850e3b1ef364d7aa6c6e
SHA-256: e7ca4038fdd10d1dd9a17d922767efbef8cd0766da81bb9010b54b90361e6b91

Risk Score: 80

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The PDF file contains a launch action that attempts to execute a file named 'line1 cmdd1234567890a1234567890b1234567890c1234567890d1234567890f.abc'. This is a common technique to trick users into running malicious payloads disguised as legitimate files. No scripts were extracted from this sample.

Heuristics (2)

  • Launch action (severity: high, rule: PDF_LAUNCH)
    PDF contains a /Launch action with an unresolved or extension-less target — treat as potentially dangerous
  • /Launch action target: line1 cmdd1234567890a1234567890b1234567890c1234567890d1234567890f.abc (severity: high, rule: PDF_LAUNCH_COMMAND)
    PDF /Launch action specifies an executable target.