Malicious PDF — malware analysis report

Static analysis result for SHA-256 3759f0c7c988e465…

Verdict: MALICIOUS
File type: PDF
Size: 9.0 KB
MD5: 40f166d88945efc77924fc46dc0dc890
SHA-1: ac4d07d7180a9be2507aac96e6ad29983cc4010a
SHA-256: 3759f0c7c988e4650eb58d409f62115bf3a56c5e8b5ea56c50295312300facfa
Risk Score: 68

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The critical ClamAV heuristic firing indicates the PDF is recognized as a known exploit, specifically 'Pdf.Exploit.Agent-36962'. The presence of XFA form elements further suggests a potential vector for exploit execution. While no specific payload or delivery URL was extracted, the file's nature as a malicious PDF exploit is clear.

Heuristics (2)

  • ClamAV: Pdf.Exploit.Agent-36962 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36962
  • XFA form (severity: low, rule: PDF_XFA)
    PDF uses XML Forms Architecture — can contain script logic