SUSPICIOUS
Risk Score: 34
Malware Insights
MITRE ATT&CK: T1566.001 Spearphishing Attachment
The sample is a PDF document that contains an embedded URL pointing to a suspicious domain. The ML classifier flagged this PDF as malicious with a high confidence score. The embedded URL is likely intended to redirect the user to a malicious site for further exploitation or phishing.
Machine Learning
- Nyx PDF Classifier: malicious score 0.9929
Heuristics (2)
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: https://trafftec.ru/aws?keyword=region+14+esc+abilene (PDF link annotation)