MALICIOUS
152
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9998
Heuristics 3
-
ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://neeshazollinger.com/uploads/1/3/0/4/130488619/be60c62828c.pdf In PDF document text
- http://misscarladance.org/uploads/1/3/0/4/130435833/xinipo_fifojuvipuve.pdfIn PDF document text
- http://ncsdactivities.com/uploads/1/3/0/6/130639518/0be5e6b358.pdfIn PDF document text
- https://bixagisofumon.weebly.com/uploads/1/3/0/4/130483990/60197dde2177d.pdfIn PDF document text
- https://gumefonivebodi.weebly.com/uploads/1/3/0/6/130604494/xuvuxelaxanogurivo.pdfIn PDF document text
- http://orthogistic.com/uploads/1/3/0/4/130488282/9167279.pdfIn PDF document text
- http://customlovecandles.com/uploads/1/3/0/2/130291449/6d884f86b3.pdfIn PDF document text
- http://metroheatingandair.com/uploads/1/3/0/4/130476499/4bd90bee53.pdfIn PDF document text
- http://pbconsulting.us/uploads/1/3/0/3/130323148/mobujifoliluda.pdfIn PDF document text
- http://dgelectricinc.com/uploads/1/3/0/2/130287261/3327754.pdfIn PDF document text
- http://chubbycheetah.com/uploads/1/3/0/6/130603688/gomojokomapipev.pdfIn PDF document text
- https://kixovuvi.weebly.com/uploads/1/3/0/6/130604256/giladuwamokoko.pdfIn PDF document text
- http://cjentzart.com/uploads/1/3/0/6/130639032/lotenavikujug.pdfIn PDF document text
- http://koawarriors.com/uploads/1/3/0/4/130483236/9172359.pdfIn PDF document text
- http://mydne.com/uploads/1/3/0/3/130379561/xekesilapovini.pdfIn PDF document text
- http://mrappa.com/uploads/1/3/0/6/130605182/gurimazugut-tarejida-minudoxubexemel-bekeliligi.pdfIn PDF document text
- http://waylessepoxyflooring.com/uploads/1/3/0/6/130621257/jilisefi-bipetibusavewun-zoludazesujefu-kifopolemarix.pdfIn PDF document text
- http://lenka-photography.com/uploads/1/3/0/5/130588998/jitowomowivif.pdfIn PDF document text
- http://loguzepedi.conceptfashionfest.ru/uploads/2020/01/29/sibimoda.pdfIn PDF document text
- http://aclarkphotography.com/uploads/1/3/0/4/130491253/3dd0478d.pdfIn PDF document text
- http://mikebarnescoach.com/uploads/1/3/0/5/130551015/moviz.pdfIn PDF document text
- http://globalwarming1.com/uploads/1/3/0/6/130620441/8678038.pdfIn PDF document text
- http://staceyjanedouglas.com/uploads/1/3/0/5/130542866/sebejekafuwimu.pdfIn PDF document text
- http://mackenzieemievents.com/uploads/1/3/0/2/130289498/864b32.pdfIn PDF document text
- http://the-hemp-life.com/uploads/1/3/0/5/130539455/efa5d04ec.pdfIn PDF document text
- http://mojiles.net/uploads/1/3/0/2/130288682/130288682.html#emery+thompson+batch+freezer+craigslIn PDF document text
- http://dejavu.sourceforge.netIn PDF document text
- http://dejavu.sourceforge.net/wiki/index.php/LicenseIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000019a1.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x19A1 | 9196 bytes |
SHA-256: 5c41b575ec16295d94c08c6abc1f79943cf3121168d9dd7ccf7611aeaaa63159 |
|||
font_01_sfnt_off00008aa5.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8AA5 | 16036 bytes |
SHA-256: 779aa567746046747dac965df7fdfb06ff632674a0a99ce247a327bf89f0fa63 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.