Malicious PDF / .0_B — malware analysis report

Static analysis result for SHA-256 17a22356881c21c5…

MALICIOUS

PDF / .0_B

8.5 KB
Created: 2009-02-19 14:45:49 -02:00
Authoring application: Writer (via OpenOffice.org 3.0)
MD5: 6e815b1425c03bef89bc9a02cbf072bc
SHA-1: 65e6f974adc25571cf085762ecad4ecbb5219b8a
SHA-256: 17a22356881c21c5506eff5b1da51c9d47e9c414402a4e345160130932c53bc8
130 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The PDF file was flagged as malicious by a machine learning classifier and by ClamAV, which detected a known exploit. A launch action was identified, indicating an attempt to execute an external program when the document is opened. No document body text was available for further analysis.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9770

Heuristics 2

  • ClamAV: Pdf.Exploit.Agent-35541 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-35541
  • Launch action high PDF_LAUNCH
    PDF contains a /Launch action with an unresolved or extension-less target — treat as potentially dangerous