Malicious PDF — malware analysis report

Static analysis result for SHA-256 69897ebf81f4a2a8…

MALICIOUS

PDF

1.3 KB Created: 2005-09-29 09:27:34 UTC Authoring application: Acrobat Distiller 8.1.0 (Windows)
MD5: 14a848227875298f98fc97cb09a40366 SHA-1: 6ec4083d8dd840919a39f4578dfe744ce59adb4c SHA-256: 69897ebf81f4a2a85aaa07438d30f28732939d5dc5bd84fd86c4fe7db6355669
98 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The PDF file was flagged by multiple detection engines, including ClamAV identifying it as Pdf.Exploit.Agent-36015. Static analysis also revealed an embedded file, indicating a potential multi-stage attack. The ML classifier also strongly indicated maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.7494

Heuristics 2

  • ClamAV: Pdf.Exploit.Agent-36015 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36015
  • Embedded file low PDF_EMBEDDED
    PDF embeds a file attachment — could carry an executable or another weaponised document as a nested payload

Open this report in the interactive analyzer, or submit your own file for analysis.