MALICIOUS
172
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF file is identified as malicious by ClamAV and an ML classifier. It employs a common phishing technique by presenting a full-page image as a lure, with a hidden clickable action that redirects to the URL https://yafferge.ru/strik?utm_term=fz+220+price+in+india. This URL is flagged as a known malicious redirector, indicating a likely attempt to phish credentials or deliver further malware.
Machine Learning
- Nyx PDF Classifier malicious score 0.7345
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 58 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://yafferge.ru/strik?utm_term=fz+220+price+in+india
- https://cdn.sqhk.co/gizetinediz/hgvieic/avatar_1_full_movie_english.pdf
- https://cdn-cms.f-static.net/uploads/4426059/normal_603c36e0d6c5b.pdf
- https://cdn.sqhk.co/sunalikefazo/iNzghfS/kudorupijil.pdf
- https://cdn.sqhk.co/sofetarunox/ibFpgjg/muzibuwugu.pdf
- http://vurejowug.mypressonline.com/acrobat_app_download.pdf
- https://cdn-cms.f-static.net/uploads/4483365/normal_602d8a0a53106.pdf
- https://cdn-cms.f-static.net/uploads/4367646/normal_6009cc7292a85.pdf
- http://lagejarejitog.mypressonline.com/36432074677.pdf
- http://jovopomutulilo.medianewsonline.com/56528426732.pdf
- https://cdn.sqhk.co/xovopebe/ehhgstJ/kali_mata_ji_ki_aarti.pdf
- http://gopadaxin.mywebcommunity.org/zaxoxasewoganamutajower.pdf
- https://uploads.strikinglycdn.com/files/2fd5d5aa-2592-4f65-89e7-8bc07984820c/how_to_avoid_gaining_weight_after_gastric_sleeve.pdf
- https://a161ff94-1a6f-4367-b6f8-8e513a5e676d.filesusr.com/ugd/4c7633_377c837614f145c8b3e11c2f72c97044.pdf?index=true
- https://89e1056b-8c01-44a4-bea5-a80a497d444f.filesusr.com/ugd/6db6f7_16cdb1514cbc41e9998f4bac7aa807c6.pdf?index=true
- https://uploads.strikinglycdn.com/files/035ff986-3859-4b8a-9deb-9eefbb254a5e/89715641156.pdf
- https://c5c1e25b-3ca9-4f8f-aecb-0ee3b29cb37b.filesusr.com/ugd/f4fe7b_3ecb3311749a456a95ea70f2170664d8.pdf?index=true
- https://uploads.strikinglycdn.com/files/a8216be1-5a79-4a86-8c97-8f7349ed8254/corsair_k95_software.pdf
- https://4dcfe184-cd6c-48f8-9f23-5461c743a1d4.filesusr.com/ugd/cc8533_8464769957b240fba0ac22a7f96bc8e1.pdf?index=true
- https://uploads.strikinglycdn.com/files/f8525d86-7430-4724-8170-9e1c408d7d9d/cold_brew_iced_coffee_dunkin_donuts_calories.pdf
- https://fb7bf4c5-056f-4058-a7d1-073478569b53.filesusr.com/ugd/d90490_77e20f30b8ab4cbd9721fb715417576c.pdf?index=true
- https://f2d828cf-06d9-46ea-85af-d88b0bc20d44.filesusr.com/ugd/501a20_0eaff4f287134b33b74a7fcbac37f765.pdf?index=true
Open this report in the interactive analyzer, or submit your own file for analysis.