Malicious PDF — malware analysis report

Static analysis result for SHA-256 2bbf4cafc9de871a…

MALICIOUS

PDF

16.2 KB
MD5: 2543eab63e1f780f2787d3499b0b02db
SHA-1: 3b69ffdb31c433074c0e547e5e270157ce544362
SHA-256: 2bbf4cafc9de871a4f35801ac3bfec0602e547d00f29fd563272878a28cda1b6
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

ClamAV identified the file as malicious with the signature Pdf.Dropper.Agent-7165819-0. This indicates the PDF is likely a dropper, intended to download and execute a second-stage payload. The document body content was unreadable, but the ClamAV heuristic hit strongly suggests a malware delivery function.

Machine Learning

  • Nyx PDF Classifier clean score 0.0311

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7165819-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7165819-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

  • Filename: stream_000_off000003eb.bin
    bcfbbee3b0793ff582396354605d0c62c2ca4e63947cf7006ae46e12d004c9cc
    Kind: decompressed-pdf-stream
    Source: PDF FlateDecoded stream at offset 0x3EB
    Size: 414400 bytes