Malicious PDF — malware analysis report

Static analysis result for SHA-256 ea5f15e71c2caeed…

Verdict: MALICIOUS
File type: PDF
Size: 737 B
MD5: 70edcb5d4abd2fc94ad3c380280abaa7
SHA-1: 84f15f6e26e36a453309a83a0145d91cec2c6a1f
SHA-256: ea5f15e71c2caeedc928d273d931ea7507c2e50ed1ce93b7d25c189768d507be
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File Execution: User Execution: Malicious File

The PDF file contains a launch action that directly executes 'cmd.exe'. This is a common technique for initiating malicious payloads or commands. The confidence is high due to the direct execution of the command interpreter.

Heuristics (2)

  • /Launch action target: "cmd.exe" (severity: critical, rule: PDF_LAUNCH_COMMAND)
    PDF /Launch action specifies an executable target that references a known-dangerous executable (cmd, PowerShell, etc.).
  • Launch action (severity: high, rule: PDF_LAUNCH)
    PDF contains a /Launch action with an unresolved or extension-less target; treat as potentially dangerous.