Agent — PDF malware analysis

Static analysis result for SHA-256 156c7f33d9e2294e…

MALICIOUS

PDF

17.3 KB
MD5: eb8a08346aed705cf684f797c7124e37
SHA-1: 28e15f55c08bce71765fca521bf6c982738217e7
SHA-256: 156c7f33d9e2294eb83474939fe2ed5435d9b0236d2f138162fe97d0bf7ea485
60 Risk Score

Malware Insights

Agent · confidence 95%

MITRE ATT&CK
T1203 Exploitation for Client Execution

The ClamAV heuristic 'Pdf.Dropper.Agent-9237234-0' strongly indicates that this PDF is a dropper for a secondary malicious payload. The file's structure and the heuristic firing suggest it is designed to exploit vulnerabilities or trick the user into executing further malicious code. No document body or script content was available for further analysis.

Machine Learning

  • Nyx PDF Classifier clean score 0.0226

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-9237234-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-9237234-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename: stream_000_off000003eb.bin
          d5011f60ee93ced289626057b3127c8591f471825c622e8afe19c053061423e7
Kind: decompressed-pdf-stream
Source: PDF FlateDecoded stream at offset 0x3EB
Size: 427856 bytes