Agent PDF malware analysis — malicious · 0e990561cd1cc95d

MALICIOUS

PDF

16.8 KB

MD5: c3f2a1220bacdd611f205242efb20142 SHA-1: de37797606ebc93be5d3900c944f6ffa05c37c14 SHA-256: 0e990561cd1cc95d66567bde8f3bdc6c9bd0142515a132ef448877893a1ebd28

60 Risk Score

Malware Insights

Agent · confidence 95%

MITRE ATT&CK

T1203 Exploitation for Client Execution

The ClamAV heuristic 'Pdf.Dropper.Agent-7102542-0' strongly indicates this PDF is a dropper for malicious payloads. The file's structure and the specific ClamAV detection name suggest it's designed to exploit vulnerabilities for client execution. No document body or scripts were extracted, limiting further analysis of the specific payload or delivery mechanism.

Machine Learning

Nyx PDF Classifier clean score 0.0249

Heuristics 1

ClamAV: Pdf.Dropper.Agent-7102542-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Pdf.Dropper.Agent-7102542-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename	Kind	Source	Size
`font_00_type1_off000003eb.bin` `436174a3b972a09d1f8258fe0816599e0dbcc9042429896c2056aebdc0d0b521`	pdf-font-stream	PDF embedded font (type1) at offset 0x3EB	421128 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.