Malicious PDF — malware analysis report

Static analysis result for SHA-256 e20f06381e01269c…

MALICIOUS

PDF

226.8 KB
MD5: 777d362db41022f8123f7c46b5f33125
SHA-1: d09acceb30be887dd739c9f0bc524fe27f818b73
SHA-256: e20f06381e01269c641871ddaa843469a22962e1d508bbc54b5153a8fefbf095

Risk Score: 60

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

ClamAV identifies the file as a malicious PDF dropper. Obfuscated data within the document body suggests an attempt to conceal malicious content or exploit code. Although no specific exploit or payload was directly extracted, the ClamAV detection strongly indicates dropper functionality, likely designed to download and execute a second-stage payload.

Heuristics (1)

  • ClamAV: Pdf.Dropper.Agent-7315203-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7315203-0