PDF malware analysis — malicious · f8498ca12e1b14ea

MALICIOUS

PDF

6.0 KB

MD5: 208468e39b4a4b6423f52afda6742712 SHA-1: 055ac9884e74b2471ec9aac598ccbb69fb5b0bf2 SHA-256: f8498ca12e1b14eac050a7ed9a604980623bb4ef3924bd0ef8ac1487eb5a79b6

76 Risk Score

Malware Insights

MITRE ATT&CK

T1059.001 JavaScript/JScript

The PDF file contains embedded and obfuscated JavaScript, as indicated by multiple heuristic firings. ClamAV also flagged this file as malicious due to obfuscated objects. The primary attack vector appears to be the execution of this JavaScript, likely to download and execute a secondary payload.

Heuristics 3

ClamAV: Heuristics.PDF.ObfuscatedNameObject critical CLAMAV_DETECTION

ClamAV detected this file as malware: Heuristics.PDF.ObfuscatedNameObject
JavaScript action low PDF_JAVASCRIPT

PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
Embedded JS stream low PDF_JS

PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.

Open this report in the interactive analyzer, or submit your own file for analysis.