MALICIOUS
194
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 1.0000
Heuristics 5
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image lure linking to an SEO redirector (free-download phishing) high PDF_SEO_UTM_REDIRECTOR_LINKPDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector — the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
-
Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTALThe same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://gettraff.ru/aws?keyword=indian+criminal+law+books+pdf In PDF document text
- https://cdn-cms.f-static.net/uploads/4367925/normal_5f8ede6835527.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4374359/normal_5f8a7ea3e32d5.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4365634/normal_5f8b55af737b1.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366666/normal_5f874caac9211.pdfIn PDF document text
- https://meporolokiso.weebly.com/uploads/1/3/2/6/132681401/3142167.pdfIn PDF document text
- https://fodezamu.weebly.com/uploads/1/3/1/4/131407453/jugepuzor-foxugulewozovem-fogewelaninepi-lababusil.pdfIn PDF document text
- https://dokodajibebabek.weebly.com/uploads/1/3/2/3/132302773/1765082.pdfIn PDF document text
- http://www.ascendercorp.com/In PDF document text
- http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
- https://s3.amazonaws.com/tesasubawalozan/modern_automotive_technology_2004.pdfIn PDF document text
- https://s3.amazonaws.com/punurum/53283039633.pdfIn PDF document text
- https://s3.amazonaws.com/bikikanafopavu/terry_eagleton_materialism.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/3282d152-9b75-4a3c-b60c-e10cd59089c4/fokofasegimosusito.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e7e1f700-c9f1-4590-8fdc-a4a469e072eb/rekin.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/153e05f4-0da8-40ce-a59a-4c07980f6b10/fekunoximosim.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/94893949-a63f-4e76-9f0f-515ea49247df/what_is_conduction_current.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/ea268367-523e-400e-bb0f-d9f5da14bae3/22576112608.pdfIn PDF document text
- https://s3.amazonaws.com/kigavanus/62958089407.pdfIn PDF document text
- https://s3.amazonaws.com/xanebavifamopez/55440352506.pdfIn PDF document text
- https://s3.amazonaws.com/purixifusipelid/pdf_file_convert_into_excel.pdfIn PDF document text
- https://s3.amazonaws.com/xanebavifamopez/40487176992.pdfIn PDF document text
- https://s3.amazonaws.com/zirojopemup/black_codes_and_jim_crow_laws.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/75175d9e-0a79-4076-bb73-47edd395fa73/nalaxevijusisa.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/4961d6a0-c433-46a0-bfa5-e1551583b592/37497310639.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/39945f9f-7e15-4953-95ee-990ac71441da/23567105668.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/2a29b501-901a-4f38-91f3-007560cce618/xexebeluzu.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/a1f5be67-8ad4-4bbe-ad28-983c17945a47/56643031171.pdfIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://ns.adobe.com/xap/1.0/rights/In PDF document text
- http://scripts.sil.org/OFLIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000645d.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x645D | 5536 bytes |
SHA-256: 0cfbcbd85d492bd55c234bb4a615299d5ff6b60f663608ff67179bba94030865 |
|||
font_01_sfnt_off0000771f.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x771F | 10436 bytes |
SHA-256: 87f65e5c0bdc6ad2452fb941a6bbe85ac0f07b9f4868a99e18ec1d15b31527be |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.