Malicious PDF — malware analysis report

Static analysis result for SHA-256 5414e3fea917d942…

MALICIOUS

PDF

16.2 KB
MD5: 2b23f7daff18291f590b83812b5d42ca
SHA-1: 7969f81d29f1898b1ad56c978aabeb23991ff64d
SHA-256: 5414e3fea917d94286301390211d77023052d9a358a7e1a516ff45b5eb167d43
62 Risk Score

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The ClamAV heuristic 'Pdf.Dropper.Agent-7172145-0' indicates that this PDF is designed to drop and execute a secondary malicious payload. The document body is heavily obfuscated and does not provide clear textual lures. Due to the lack of specific script content or identifiable exploits, the exact delivery mechanism and payload remain unclear, leading to an 'unknown family' classification.

Machine Learning

  • Nyx PDF Classifier clean score 0.0311

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7172145-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7172145-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

  • Filename: stream_000_off000003eb.bin
    990ed84f0720cf2961ec9edc53e60329772b77668b745ce384db93e8f3dc5e7d
    Kind: decompressed-pdf-stream
    Source: PDF FlateDecoded stream at offset 0x3EB
    Size: 414400 bytes