Malicious PDF — malware analysis report

Static analysis result for SHA-256 88c8dd0e51f4f17c…

MALICIOUS

PDF

16.7 KB
MD5: cf378ae54539fab13b07e808def54216
SHA-1: 7604d88c3f7cb20459da8502ff237d189e7b2ba8
SHA-256: 88c8dd0e51f4f17c5fdfd21e3e441df6e974f6ea843da4210437cd7a9298599c
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The primary indicator is the ClamAV detection of 'Pdf.Dropper.Agent-7166450-0', strongly suggesting the PDF is designed to deliver malware. No document body or script content was available for further analysis, limiting the ability to detail the specific payload or delivery mechanism. The file's structure and the detection point towards dropper functionality.

Machine Learning

  • Nyx PDF Classifier clean score 0.0266

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7166450-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7166450-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename: stream_000_off000003eb.bin (65a531be7f806efdfe7480d7423e75751c53d0c813edd8e8775f56f175ff612c)
Kind: decompressed-pdf-stream
Source: PDF FlateDecoded stream at offset 0x3EB
Size: 414841 bytes