MALICIOUS
172
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF file is identified as malicious due to critical heuristic firings indicating it is a redirector link to known malicious infrastructure. The document's structure suggests it's an image-only lure, typical for phishing campaigns. The embedded URL, https://yafferge.ru/award?keyword=shimano+deore+lx+schaltung+einstellen+anleitung+pdf, is the primary indicator of malicious intent, likely leading to a phishing page or malware download.
Machine Learning
- Nyx PDF Classifier malicious score 0.5491
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 61 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://yafferge.ru/award?keyword=shimano+deore+lx+schaltung+einstellen+anleitung+pdf
- http://shop-profildoors.ru/how_do_you_forgive_and_forget_infidelityzuapb.pdf
- http://idealica-ordina.site/free_online_movies_2020_apk_downloadujzs1.pdf
- https://cdn-cms.f-static.net/uploads/4407793/normal_6044ffe1c5e30.pdf
- http://infonewsuk.site/sony_led_tv_32_inch_price_in_kenyarbab9.pdf
- https://cdn-cms.f-static.net/uploads/4379732/normal_5fd60d4574bbf.pdf
- https://cdn-cms.f-static.net/uploads/4417414/normal_600f95e4dfde7.pdf
- http://frontglass.xyz/870766994529rk5u.pdf
- https://pekumovulimezel.weebly.com/uploads/1/3/4/3/134363026/64740b0.pdf
- https://lekipavovat.weebly.com/uploads/1/3/4/3/134332936/bf34e.pdf
- http://healsmall.space/56706629488d3tcm.pdf
- http://eurosett.net/levib4yw6p.pdf
- http://copyrighytsupport.com/biblia_de_estudio_para_la_mujer_nvi_leather_soft_tela_lilac25dcu.pdf
- https://texitanoz.weebly.com/uploads/1/3/0/7/130739996/5789807.pdf
- https://cdn-cms.f-static.net/uploads/4409103/normal_60228c1648e5c.pdf
- http://13millions-warzone.store/99253787949pz60v.pdf
- https://static.s123-cdn-static.com/uploads/4404984/normal_5fdc9ac8b4b6b.pdf
- https://static.s123-cdn-static.com/uploads/4392877/normal_5ff3ecb261ed0.pdf
- https://fefokivaz.weebly.com/uploads/1/3/0/7/130776727/5e8066d008fd678.pdf
- https://botomaluxezevip.weebly.com/uploads/1/3/4/3/134340767/mubif.pdf
- https://static.s123-cdn-static.com/uploads/4491169/normal_60029f8be7f71.pdf
- https://61df3396-90b5-4b69-a3ae-475c9da6ebc5.filesusr.com/ugd/516574_739e52694a9d461cb63a261ce95f2050.pdf?index=true
- https://8a7e94d2-1b07-4399-8a7b-cfebf1eb419e.filesusr.com/ugd/e78b77_9c80fccb0b6a4242a400cae621e5500b.pdf?index=true
- https://98be45bc-63b9-4117-aff7-84a3d4f2c4a0.filesusr.com/ugd/90c678_9f66c1c254664a8fa1399d7f92cf36d6.pdf?index=true
Open this report in the interactive analyzer, or submit your own file for analysis.