Malicious PDF — malware analysis report

Static analysis result for SHA-256 4cdf7b753edf85d4…

MALICIOUS

PDF

4.0 KB
MD5: 75ce773af9c1a468f4cf556abb15c191
SHA-1: c25b552c0eaa73c1c8957a42063d0adceaa6f1ba
SHA-256: 4cdf7b753edf85d4db104931e596c69765ca313c0293232404cb413a6552f64b
Risk Score: 68

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The critical-severity ClamAV heuristic identified this PDF as Pdf.Exploit.Agent-36928, indicating that it exploits known vulnerabilities. The presence of an XFA form further supports its exploitability. The extracted evidence details no specific payload or delivery mechanism, but the file's nature as a malicious PDF points to an attack pattern aimed at exploiting user interaction or document-parsing vulnerabilities.

Heuristics (2)

  • ClamAV: Pdf.Exploit.Agent-36928 (severity: critical, ID: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36928
  • XFA form (severity: low, ID: PDF_XFA)
    PDF uses XML Forms Architecture — can contain script logic