Malicious PDF — malware analysis report

Static analysis result for SHA-256 44bf106d4df04c62…

MALICIOUS

PDF

226.8 KB
MD5: e12ea91badecb86952b0153c27505136
SHA-1: ff573814e47841b696b6a7381a38790305e97868
SHA-256: 44bf106d4df04c62f5241b1869fa1937c8ca59f81f5a4b06f1a449f17e924f46
90 Risk Score

Malware Insights

MITRE ATT&CK
  • T1204 Malicious Link
  • T1204.002 Malicious File

The file was detected as malicious by both a machine learning classifier and ClamAV, specifically identified as a PDF dropper. The document body contains seemingly random strings, suggesting it is designed to obfuscate its malicious intent rather than provide user-facing content. The primary function appears to be dropping a secondary payload, as indicated by the ClamAV detection name.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9956

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7255768-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7255768-0