Malicious PDF — malware analysis report

Static analysis result for SHA-256 d9b8fb84ddfe0429…

MALICIOUS

PDF

17.2 KB
MD5: 6e93d5277c40b07980eeb8349add8003
SHA-1: d35d6120581f622a23e9c35412f5c6b3bd969210
SHA-256: d9b8fb84ddfe04290d22f05bd9e79517a419b88c4b4ccf119e60dedee8ffe325
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The ClamAV heuristic 'Pdf.Dropper.Agent-7311276-0' strongly indicates that this PDF is designed to drop and execute a malicious agent. While no specific document body content or scripts were extracted for further analysis, the detection signature itself points to a dropper functionality, likely exploiting a PDF vulnerability to achieve initial execution.

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7311276-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7311276-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
font_00_type1_off000003eb.bin (96f5cf1efb35d2debeb8df48115a1472fb6ff7014df1022a1d90c30e688640e8) | pdf-font-stream | PDF embedded font (type1) at offset 0x3EB | 421568 bytes