Malicious PDF — malware analysis report

Static analysis result for SHA-256 9daf068190c7c09c…

MALICIOUS

PDF

16.8 KB
MD5: 23a218f3f1d5ac34f9a5ddab9e9b3a45
SHA-1: 6360e5c84728acaf7236743eb7f13a934f1e2da1
SHA-256: 9daf068190c7c09c2f789f02fa2aa154a3537a8b7526a54b6bbdfc7108cf0144
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The ClamAV heuristic 'Pdf.Dropper.Agent-7106766-0' strongly indicates that this PDF is designed to drop and execute a secondary malicious payload. The document body content is heavily obfuscated and does not provide direct clues about the lure, but the heuristic firing is sufficient to classify it as a malicious dropper.

Machine Learning

  • Nyx PDF Classifier clean score 0.0249

Heuristics (1)

  • ClamAV: Pdf.Dropper.Agent-7106766-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7106766-0

Extracted artifacts (1)

Files carved from inside the sample during analysis.

Filename: font_00_type1_off000003eb.bin (d72bdf850243af005be6ade4e056c6919705e34ab99770d365c98ef1624637cd)
Kind: pdf-font-stream
Source: PDF embedded font (type1) at offset 0x3EB
Size: 421128 bytes