Malicious PDF — malware analysis report

Static analysis result for SHA-256 de091437a0a585ab…

MALICIOUS

PDF

16.2 KB
MD5: c059b5b4dc895934ef68d8f1f06d062c
SHA-1: 486c600b4a820bbbbb1d5db7273d4fbcf53d95bb
SHA-256: de091437a0a585ab4fb207a5ac89557204972602653714534cfb71a6b8d0134d
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The primary indicator is the ClamAV detection signature 'Pdf.Dropper.Agent-7994806-0', which strongly suggests this PDF is designed to deliver malware. No document body text or scripts were extracted, limiting further analysis of the specific delivery mechanism or payload. The file size is relatively small for a PDF, which is common for droppers.

Machine Learning

  • Nyx PDF Classifier clean score 0.0311

Heuristics 1

  • ClamAV: Pdf.Dropper.Agent-7994806-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7994806-0

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename: font_00_type1_off000003eb.bin
  be51d6772ee1f143356f133135fb2bc5b28f47d4cbeec2d48a3de08501ae4afa
Kind: pdf-font-stream
Source: PDF embedded font (type1) at offset 0x3EB
Size: 414444 bytes