MALICIOUS
Risk Score: 96
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.007 JavaScript
The PDF file was detected as malicious by ML classifiers and ClamAV, indicating a phishing or trojan threat. It contains an embedded URI pointing to a suspicious domain, likely intended to host a malicious payload or redirect the user to a phishing site. The document body, though heavily obfuscated, suggests a lure related to mathematical inequalities, which is a common tactic for phishing or malware distribution.
Machine Learning
- Nyx PDF Classifier malicious score 0.9992
Heuristics 4
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- External URI (info, PDF_URI): PDF contains an external URL action
- Object number defined twice with different bodies (info, PDF_DUPLICATE_OBJ_BODY_INCREMENTAL): The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL. URL: https://seumenha.ru/strik?utm_term=solution+set+for+inequalities+ordered+pair
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off0000d1d2.bin 25cfd141af7bf3cd5bbbbfa478702eb59a3c136189cf00e7bf28a808245146fa | pdf-font-stream | PDF embedded font (sfnt) at offset 0xD1D2 | 5264 bytes |
| font_01_sfnt_off0000e3c7.bin 4f4435cb28c20694a67d16f33fbbac42a3876647dc092857f87d1d07b48b4b09 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xE3C7 | 10520 bytes |