Malicious PDF — malware analysis report

Static analysis result for SHA-256 d7ce565a18bcc5c8…

MALICIOUS

PDF

8.1 KB
MD5: 1865e48c29d1f8e8c371987e9db12e8c
SHA-1: 92aaa2e4156a1176ec90cc58ac22399288aae34b
SHA-256: d7ce565a18bcc5c8e647ac72ddcf920e7e33bf6b4bf83242f66d06808f936f24
Risk Score: 98

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF was flagged as malicious by a machine learning classifier and by ClamAV, the latter with critical severity, indicating that it contains a known exploit. The XFA form heuristic also suggests a potentially complex or malicious structure. The ClamAV detection name 'Pdf.Exploit.Agent-36962' is included as a primary IOC.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9974

Heuristics (2)

  • ClamAV: Pdf.Exploit.Agent-36962 (critical, CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Exploit.Agent-36962
  • XFA form (low, PDF_XFA)
    PDF uses XML Forms Architecture — can contain script logic