MALICIOUS
94
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is a PDF that contains an embedded URI pointing to a suspicious domain, identified by ClamAV as a phishing trojan. The document body, though heavily obfuscated, appears to be related to academic content, suggesting a lure. No scripts were extracted, but the presence of the malicious URL and the ML/ClamAV detections strongly indicate a phishing attempt.
Machine Learning
- Nyx PDF Classifier malicious score 0.7433
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://crophysi.ru/award?keyword=pronunciation+of+regular+past+tense+verbs+pdf PDF link annotation
- https://cdn.sqhk.co/menasimax/daaijid/warhammer_quest_shadows_over_hammerhal_solo.pdfIn PDF document text
- https://cdn.sqhk.co/runudori/FSihqjj/slack_stock_price_after_hours.pdfIn PDF document text
- https://cdn.sqhk.co/rafopaluko/QLhdidT/hunter_assassin_mod_apk_download_unlock_all_characters.pdfIn PDF document text
- https://cdn.sqhk.co/pasededi/mjgjeSI/vidumiwir.pdfIn PDF document text
- https://s3.amazonaws.com/jinabom/what_was_the_long-term_significance_of_the_marbury_v._madison_ruling.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/3b774e0d-f0bd-40f0-91a4-65c0d4aba5ea/craftsman_wet_dry_vac_attachments.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/859a9900-e883-4deb-82de-00907332a420/what_does_dapple_mean_in_spanish.pdfIn PDF document text
- https://s3.amazonaws.com/xoguwavosuje/past_perfect_continuous_tense_test_with_answers.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/216d2436-44b3-4fc8-ad6a-f19313143bcc/losimesonokivolupaduko.pdfIn PDF document text
- https://s3.amazonaws.com/bupijila/notes_za_biology_form_2.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/35913aa7-f5ef-4fa8-863a-175ff8ab9e82/checklist_manifesto_review.pdfIn PDF document text
- https://s3.amazonaws.com/sajatofubote/kubedojixabisi.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/38c5df16-7769-4edd-a72d-217a52f918e3/38508122569.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/6e57cb4a-a7fa-4c69-ab52-cdaaa3f115de/bill_james_baseball_abstract_1987.pdfIn PDF document text
- https://s3.amazonaws.com/pizexopenaxu/autocad_free_2016_version.pdfIn PDF document text
- https://s3.amazonaws.com/bakoloj/einaudi_nuvole_bianche_piano_sheet_music.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/758d8958-ae15-4696-add5-577e00847a6e/does_covid_cause_increased_blood_pressure.pdfIn PDF document text
- https://s3.amazonaws.com/xugigabitulu/54067502758.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/be16892d-a1a4-44ac-b3ef-74cd821dd331/where_can_i_buy_american_journey_dog_food_near_me.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/87844d4c-92bd-4075-8820-d3972c901228/english_literature_masters_programs_in_canada.pdfIn PDF document text
- https://s3.amazonaws.com/lolijexejomak/88747037673.pdfIn PDF document text
- https://s3.amazonaws.com/kigavanus/78889258803.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e7c28053-3127-4632-ada6-72b1931d38f4/iphone_5c_price_in_amazon.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.