PDF malware analysis — malicious · 0c0deb834b6d89fb

MALICIOUS

PDF

46.9 KB Created: 2020-10-31 00:01:56 +02:00 Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)

MD5: c491f9135dc17e0f0d5d5596f113fb32 SHA-1: 0601e7457a63da6797ae03932e1c363ae7a5ff95 SHA-256: 0c0deb834b6d89fb17607bf1cc7c928f4d743b7d3c23d70bba65f5c4749289ae

62 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Spearphishing Attachment

The PDF contains a heuristic firing for a malicious redirector link, which points to a URL that appears to be a lure for downloading a PDF. The embedded URL is the primary indicator of malicious intent, likely leading to a second-stage download or exploit. No scripts were extracted from this sample.

Machine Learning

Nyx PDF Classifier suspicious score 0.4286

Heuristics 2

PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINK

PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL https://ttraff.club/123?keyword=encyclopedia+of+spirits+judika+illes+pdf+download

Open this report in the interactive analyzer, or submit your own file for analysis.