Malicious PDF — malware analysis report

Static analysis result for SHA-256 ef6c11708adf94cb…

MALICIOUS

PDF

1016 B
MD5: 22f983ae550a900b0918e09f0e229a3c
SHA-1: b6edd58c128409e7cd077e1f776c3490be1d30eb
SHA-256: ef6c11708adf94cbf97326e15adc97062f8c5ec855cd2549527a1f22f9c68daa
Risk Score: 100

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a launch action that directs the user to the URL http://pyrocenter.hu/index.html. The document body also contains this URL, suggesting a lure to entice the user to click the link. The heuristics confirm the presence of a dangerous launch action targeting this URL.

Heuristics (3)

  • Launch action (critical; PDF_LAUNCH)
    PDF contains a /Launch action whose target is an executable, URL, or UNC path — can start an external application
  • /Launch action target: http://pyrocenter.hu/index.html (high; PDF_LAUNCH_COMMAND)
    PDF /Launch action specifies an executable target.
  • Embedded URL (info; EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://pyrocenter.hu/index.html