MALICIOUS
Risk Score: 66
Malware Insights
MITRE ATT&CK
T1204 Malicious Link
T1566 Phishing
The PDF file was identified as suspicious by a machine learning classifier with a high confidence score. It contains XFA form elements and an embedded file, which are common techniques for delivering malicious content. While no specific malicious script or payload was directly extracted, the combination of these indicators suggests an attempt to exploit PDF vulnerabilities or trick the user into interacting with malicious content.
Machine Learning
- Nyx PDF Classifier malicious score 1.0000
Heuristics (3)
- PDF embedded file could not be fully decoded (medium, PDF_EMBEDDED_FILE_UNDECODED): A declared PDF /EmbeddedFile stream uses filters that the scanner could not decode. The raw stream was carved for artifact triage because malformed or unsupported attachment filters can hide payload content from normal extraction.
- Embedded file (low, PDF_EMBEDDED): PDF embeds a file attachment — could carry an executable or another weaponised document as a nested payload
- XFA form (low, PDF_XFA): PDF uses XML Forms Architecture — can contain script logic