
DOJ Epstein File Flagged as Suspicious on VirusTotal
Cybersecurity, Malware, Threat Detection, Sandboxing
A user reports that the file EFTA01133110.pdf (from Data Set 9 of the DOJ's Epstein documents) exhibits suspicious behavior on VirusTotal, although antivirus software does not detect it statically. Dynamic analyses in the CAPE, Jujubox and Zenbox sandboxes reveal indicators of exploitation (T1203, T1055), anti-analysis techniques (IsDebuggerPresent, timing checks), network activity to domains such as adobe.com, and registry modifications. The file, which contains a photo of pieces of meat in a freezer, also spawns processes related to Adobe Acrobat and creates unusual mutexes.