MALICIOUS
Risk Score: 152
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
A critical heuristic fired on this PDF, indicating that it links to known malicious redirector infrastructure. The primary malicious URL identified is 'https://ggtraff.ru/strik?utm_term=active+assisted+movement+definition'. Although no scripts were extracted, the PDF structure and the nature of the embedded link suggest an attempt to lure the user to a malicious site, likely for phishing or to download a secondary payload.
Machine Learning
- Nyx PDF Classifier malicious score 0.7455
Heuristics 3
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 [critical] CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- PDF links to known malicious redirector infrastructure [critical] PDF_MALICIOUS_REDIRECTOR_LINK
  PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
- Embedded URL [info] EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: https://ggtraff.ru/strik?utm_term=active+assisted+movement+definition (in PDF document text)