MALICIOUS
Risk Score: 136
Machine Learning
- Nyx PDF Classifier malicious score 0.6013
Heuristics 5
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- Image lure linking to an SEO redirector (free-download phishing) (high, PDF_SEO_UTM_REDIRECTOR_LINK): PDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector: the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
- External URI (info, PDF_URI): PDF contains an external URL action
- Object number defined twice with different bodies (info, PDF_DUPLICATE_OBJ_BODY_INCREMENTAL): The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: https://fecuq.co.za/XSRYdR1H?utm_term=create+kahoot+from+spreadsheet (PDF link annotation)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| font_00_sfnt_off00039500.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x39500 | 10644 bytes | c8b6eb07d4e8b22ae08f02313141284bae6c97f6e3b02738431c06f3fe8931d9 |
| font_01_sfnt_off0003ad6f.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x3AD6F | 17156 bytes | a3407186bcc00c804205e94879a95b176e6c16aa70541c06133d878f87d58f84 |
| font_02_sfnt_off0003da0f.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x3DA0F | 16792 bytes | 9d2294e344127da9ddc2b77d68b1576b6b78373885bc9da2859f180a98f2c1e1 |