Malicious PDF — malware analysis report

Static analysis result for SHA-256 8b7f450a6f3bd9f9…

MALICIOUS

PDF

244.6 KB
MD5: 9926fd8137794a1a4dce71096b37d40b
SHA-1: e6fbf5a328c19f3931516942e546c810ee9960ce
SHA-256: 8b7f450a6f3bd9f9435ac7ee8b718ba5c038d7818b0ff63a58b3f95c747b7598
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is identified as malicious by both a machine learning classifier and ClamAV, which flags it as 'Pdf.Dropper.Agent-7280681-0'. The document body contains minimal text, suggesting that its primary purpose is to act as a container for malicious content rather than to convey information. The heuristics strongly indicate dropper functionality, likely intended to download and execute further payloads.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9594

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7280681-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7280681-0