MALICIOUS
192
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9993
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image lure linking to an SEO redirector (free-download phishing) high PDF_SEO_UTM_REDIRECTOR_LINKPDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector — the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://gettraff.ru/strik?keyword=napkinnate+mad+city+season+4 In PDF document text
- https://cdn-cms.f-static.net/uploads/4366033/normal_5f86f91798419.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366660/normal_5f87c7eda4e25.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4369932/normal_5f880259c8ea5.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366305/normal_5f878c0f46373.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366984/normal_5f879a38f030f.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366018/normal_5f876a1f68d05.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366031/normal_5f8703e24ff06.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4369173/normal_5f87b651a93d2.pdfIn PDF document text
- https://site-1038409.mozfiles.com/files/1038409/ladubopovinumifux.pdfIn PDF document text
- https://site-1040399.mozfiles.com/files/1040399/vokefelezoxasa.pdfIn PDF document text
- https://site-1048162.mozfiles.com/files/1048162/67278711239.pdfIn PDF document text
- http://www.ascendercorp.com/In extracted file (font_00_sfnt_off00007c1c.bin)
- http://www.ascendercorp.com/typedesigners.htmlIn extracted file (font_00_sfnt_off00007c1c.bin)
- https://cdn.shopify.com/s/files/1/0499/4374/0571/files/46851787884.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0434/3418/0769/files/ek_thi_daayan_full_movie_hd.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0485/3301/2635/files/empires_and_puzzles_hero_capacity.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0484/0079/3768/files/rajis.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0492/8189/2509/files/77862545259.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0481/7230/2503/files/tojebadinetelatub.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/a3f1f503-6960-4d9e-8a85-7bcd59b6858d/25799061771.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/4c026ccb-59d0-4c7c-bf64-e231b430a7ae/votagafekafimogeluge.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/4d2b2899-37cf-432c-9bf8-6009339e00c0/60917092287.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e449e0f2-ff3f-4caa-b866-fbffac960646/zaguwarox.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/040ca30f-0c9b-4f97-813f-033bdcdafcc6/56615605522.pdfIn PDF document text
- http://scripts.sil.org/OFLIn extracted file (font_00_sfnt_off00007c1c.bin)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00007c1c.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x7C1C | 5312 bytes |
SHA-256: 15a01a186f105e4ffd1056f07d8d2f74abe997fbd89f1c6a741697a5f9d7744c |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.