Malicious PDF — malware analysis report

Static analysis result for SHA-256 57028da123c9f874…

MALICIOUS

PDF

Size: 1.3 KB
Created: 2005-09-29 09:27:34 UTC
Authoring application: Acrobat Distiller 8.1.0 (Windows)
MD5: f5ddd1083287cf18f7106d1fc6e01ea7
SHA-1: 3905a0f3f0c78f619d4e2e809b820011743d6f74
SHA-256: 57028da123c9f8748849df931a2c2d5cd904a81e8c01065e066a543b35ef6c4f
98 Risk Score

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The file is identified as a malicious PDF by multiple detection engines, including ClamAV, which flagged it as Pdf.Exploit.Agent-36015. Static analysis also revealed an embedded file, a common technique for delivering exploits or further malicious payloads within PDF documents. The ML classifier also strongly indicated maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.7494

Heuristics 2

  • ClamAV: Pdf.Exploit.Agent-36015 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36015
  • Embedded file low PDF_EMBEDDED
    PDF embeds a file attachment — could carry an executable or another weaponised document as a nested payload