PDF malware analysis — malicious · ea2348351106f42a

MALICIOUS

PDF

12.4 KB

MD5: 672e964e6c82efb09ba7e1bc1f6090dd SHA-1: 0b151f89db239aa7543ca40377c0143691082439 SHA-256: ea2348351106f42a74df490b371b170c52f5735c7eed978522310bbba9902aad

76 Risk Score

Malware Insights

MITRE ATT&CK

T1204.002 Malicious File: Malicious File

The file is a PDF containing embedded JavaScript, identified by heuristics as a potential exploit. ClamAV detection further confirms its malicious nature, specifically flagging it as Pdf.Exploit.Agent-36723. The embedded JavaScript is likely responsible for executing the exploit, leading to a malicious outcome.

Heuristics 3

ClamAV: Pdf.Exploit.Agent-36723 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Pdf.Exploit.Agent-36723
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename	Kind	Source	Size
`javascript_obj0076_000.js` `acaf7177be44a2a371421ea3bbe1565fe93974871fcc9b6d32216700701193ee`	pdf-javascript-stream	PDF /JS object 76 at offset 0x369	11577 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.