MALICIOUS
154
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF file was detected as malicious by ClamAV and an ML classifier, exhibiting characteristics of a phishing or malware distribution lure. It contains a large number of external links, many pointing to potentially malicious domains, suggesting a link farm or redirection mechanism. The document body, though heavily corrupted, appears to be an attempt to disguise the malicious intent by referencing a search query for 'Definition of religion by different scholars pdf'. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9470
Heuristics 4
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://baarspo.ru/award?keyword=definition+of+religion+by+different+scholars+pdf
- https://mokoxobijukox.weebly.com/uploads/1/3/4/3/134321678/maloxodirev.pdf
- https://rajevolid.weebly.com/uploads/1/3/0/8/130813967/fe62a0c6.pdf
- https://cdn.sqhk.co/desogepupema/XjixgTQ/car_racing_games_free_download_for_pc.pdf
- https://fezipogapatud.weebly.com/uploads/1/3/4/8/134888370/fe55b7b6.pdf
- https://dazutexigamufo.weebly.com/uploads/1/3/2/7/132740900/mipumabufajobu-kiniridus-logalazud-lizumu.pdf
- https://cdn.sqhk.co/butemobe/JhiOkhh/tagify_best_hashtags_for_instagram_2018.pdf
- https://cdn.sqhk.co/nasubivapu/fgjjigd/pebatepugasogenodexegib.pdf
- https://zuzesewijolane.weebly.com/uploads/1/3/1/4/131406438/maxiveboxose_lamarovur_filonimiluveva_tibopowuvutemu.pdf
- https://3e1ae61b-6b68-46dc-8a90-d1c7a5b9f91c.filesusr.com/ugd/b8bbd7_092a39d391c440ad9214a8b82aa5b259.pdf?index=true
- https://6d706a39-1f93-4f1a-9423-caccf7e65e71.filesusr.com/ugd/69f91f_05daa7da17f44285a2d6ab353ab1f54a.pdf?index=true
- https://uploads.strikinglycdn.com/files/dae32118-1e6f-4218-b451-c51ea38a54b1/wuraleligobosawi.pdf
- https://9fb0fece-6c2a-4f8b-8ff1-5d9ea67f5ee7.filesusr.com/ugd/f6a907_37a232bd85f4464d89966edb866583f2.pdf?index=true
- https://9ef77391-fdd1-48d8-ba15-364b07375333.filesusr.com/ugd/ebefdf_b2c10b06b13d47418221895693ab7c92.pdf?index=true
- http://nawuxek.rf.gd/pogasijenokoti.pdf
- https://uploads.strikinglycdn.com/files/54a14b55-7851-4061-870b-1174bb40e62e/suwesupozuraboruvek.pdf
- http://fokafupu.rf.gd/34089996101.pdf
- https://1e1f235d-56dd-4976-b20d-d38e3fe7b172.filesusr.com/ugd/210b45_57953004b9764fff8569e6757469c97c.pdf?index=true
- https://uploads.strikinglycdn.com/files/6e06c95f-265e-4fb0-9c6a-4b192f5d4162/240_vocabulary_words_3rd_grade.pdf
- https://uploads.strikinglycdn.com/files/fd07bf25-3bc0-41a0-b1ff-3bee45f9db7e/dell_inspiron_570_ram_specs.pdf
- https://50b7e5d6-ab0e-41ff-bbcb-47d024e5c277.filesusr.com/ugd/45d8ab_274c798cde2b4b2393a73e169a35f6d8.pdf?index=true
- https://34e51215-b586-4e01-b3ea-a219475a7b91.filesusr.com/ugd/46481b_b55a377c4cbe437d83433d8944a1af39.pdf?index=true
- https://18aefb47-0221-41c7-ace0-4f78eb33e730.filesusr.com/ugd/bca722_e78829b34272443ca591f8e6e28f9637.pdf?index=true
Open this report in the interactive analyzer, or submit your own file for analysis.