MALICIOUS
232
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF is designed as a phishing lure, presenting itself as a document but containing a hidden malicious link. The heuristic PDF_IMAGE_LURE indicates it's an image-based document with an action trigger, and PDF_MALICIOUS_REDIRECTOR_LINK confirms it points to known malicious infrastructure. The embedded URL likely leads to a phishing site to harvest credentials.
Machine Learning
- Nyx PDF Classifier malicious score 0.6563
Heuristics 5
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 44 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://yafferge.ru/award?keyword=axis+and+allies+miniatures+expanded+rules+pdf
- http://poradoit2.site/pijodemira79w75.pdf
- https://lifulufo.weebly.com/uploads/1/3/1/3/131379971/samowoji_zalebagosixi.pdf
- https://xelewutoritawi.weebly.com/uploads/1/3/1/0/131070131/julixagizomeze.pdf
- https://kapebuzuzevasa.weebly.com/uploads/1/3/4/5/134587117/eebaa46d241e6cd.pdf
- http://probmaka.tech/creative_inspire_t3030gkmh1.pdf
- http://shopee24.site/apex_legends_stuck_on_preparing0d4sp.pdf
- http://espaceclient-cmb.com/30787654705exhh6.pdf
- http://dream-stat.ru/luvefonejuzokuih6n.pdf
- https://vibusipapomokij.weebly.com/uploads/1/3/2/6/132682711/425fb35031ff5.pdf
- http://italywow.pro/fopoxg8own.pdf
- https://rekizutor.weebly.com/uploads/1/3/0/9/130969391/ef7473a7a846d.pdf
- http://granitmetrospecstroy.ru/strength_training_routine_for_weight_loss121sg.pdf
- https://uploads.strikinglycdn.com/files/2bad1786-fc01-4677-a44f-d1451e90540b/zumujiguvizalawurofuk.pdf
- https://uploads.strikinglycdn.com/files/0f88e3b9-83be-4583-9957-3e567fabd471/pendragon_book_1_online_free.pdf
- https://uploads.strikinglycdn.com/files/9d8678b9-44af-4e18-8e18-fa19319b5da8/61390320754.pdf
- https://uploads.strikinglycdn.com/files/487094ab-382b-482c-9739-9d3693f92932/62402735994.pdf
- https://s3.amazonaws.com/paxunu/besorufisawudurarabar.pdf
- https://uploads.strikinglycdn.com/files/ee01da44-8bbf-423e-b18b-72b7af889a65/pukotopabapaxefas.pdf
- https://s3.amazonaws.com/mokamoba/95379791981.pdf
- https://s3.amazonaws.com/vuxirefare/how_to_add_subtract_multiply_and_divide_in_excel_2007.pdf
- https://uploads.strikinglycdn.com/files/ae54dee0-f057-4afc-ae8a-347e07664830/why_is_my_epson_printer_not_printing_the_right_colors.pdf
- https://s3.amazonaws.com/xotomisen/kuziluxorakodumixo.pdf
- https://uploads.strikinglycdn.com/files/1e11f1f0-69fb-4755-b94d-da68a8941446/fusanopibipemivurekerusep.pdf
- https://s3.amazonaws.com/kumasala/93185323808.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.