Malicious PDF — malware analysis report

Static analysis result for SHA-256 755494dc82fdf6de…

MALICIOUS

PDF

2.4 KB
MD5: 95fc85a055f06dad68a37c61b247e140
SHA-1: d2fa4039f7a896fd0ddd00255fc47963b7d3ac95
SHA-256: 755494dc82fdf6ded63ae156b56df320512cfd91de328c7bb3454f060bb39107
98 Risk Score

Malware Insights

MITRE ATT&CK
T1203 Exploitation for Client Execution

The sample is a PDF file flagged by multiple detection engines, including ClamAV, as a malicious exploit. The presence of XFA form elements suggests a potential attack vector targeting form processing within the PDF reader. The ML classifier also strongly indicates maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9958

Heuristics 2

  • ClamAV: Pdf.Exploit.Agent-36928 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36928
  • XFA form low PDF_XFA
    PDF uses XML Forms Architecture — can contain script logic