Pdf.Dropper.Agent-7278030-0 — PDF malware analysis

Static analysis result for SHA-256 8356563d9bbc69a2…

Verdict: MALICIOUS
File type: PDF
File size: 6.2 KB
MD5: c3cea6e7df7a3f933c34284a130d56f4
SHA-1: faa85aed70a959a4a037faf5dc48ee700286d377
SHA-256: 8356563d9bbc69a243b5ffd47e76766179ccc19466ddb1aba9fbbf64da27596f
Risk Score: 106

Malware Insights

Pdf.Dropper.Agent-7278030-0 · confidence 99%

MITRE ATT&CK

  • T1059.001 PowerShell
  • T1204.002 Malicious File

The PDF file was flagged by a machine learning classifier and ClamAV as malicious, specifically identified as Pdf.Dropper.Agent-7278030-0. It contains embedded JavaScript, indicating an attempt to execute malicious code upon opening. This suggests the PDF is a dropper intended to download and execute a secondary payload.

Machine Learning

  • Nyx PDF Classifier malicious score 1.0000

Heuristics (3)

  • ClamAV: Pdf.Dropper.Agent-7278030-0 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7278030-0
  • JavaScript action (severity: low, rule: PDF_JAVASCRIPT)
    PDF contains a /JavaScript action. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.
  • Embedded JS stream (severity: low, rule: PDF_JS)
    PDF references a /JS stream. Generic JavaScript is common in benign forms; specific dangerous APIs are scored by separate rules.