Win.Trojan.Agent-36166 — PDF malware analysis

Static analysis result for SHA-256 6f01763bec2b13a9…

MALICIOUS

PDF

  • Size: 15.0 KB
  • Created: 2009-11-15 19:41:70
  • Authoring application: PDF Library 4.3.9 (via PDF Library 3.9.7)
  • MD5: 0709fe2b0273dad791908c790d8c9e50
  • SHA-1: a83fd1fe5b6ea47b833355a56310fce0c5bf06c0
  • SHA-256: 6f01763bec2b13a90f828bced42c8f4d1ffaba047388a856b56262976a541851
  • Risk Score: 60

Malware Insights

Win.Trojan.Agent-36166 · confidence 95%

MITRE ATT&CK
T1203 Exploitation for Client Execution

The file is identified as a malicious PDF by ClamAV, specifically Win.Trojan.Agent-36166. The PDF structure and content, though heavily obfuscated, indicate an attempt to exploit a vulnerability within the PDF reader to achieve code execution.

Machine Learning

  • Nyx PDF Classifier clean score 0.0747

Heuristics 1

  • ClamAV: Win.Trojan.Agent-36166 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Win.Trojan.Agent-36166