PDF malware analysis — malicious · 427e2d2d55d1db97

MALICIOUS

PDF

83.6 KB Created: 2020-11-13 04:01:29 +02:00 Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7) First seen: 2026-06-04

MD5: d11917a5b2db65e15af2a963e245ae7d SHA-1: 3a7555d1840ea3e42ae8938da62b2845fd409322 SHA-256: 427e2d2d55d1db978e5c3738e810e03f24142db7c0a3f1685e195c5c566af68c

62 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Spearphishing Attachment

The PDF file contains an embedded URL that points to a known malicious redirector. This suggests the document is part of a phishing or malware distribution campaign, likely delivered as a spearphishing attachment. The redirector is designed to obscure the final destination, increasing the likelihood of successful compromise.

Machine Learning

Nyx PDF Classifier clean score 0.1730

Heuristics 2

PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINK

PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL https://traffine.ru/aws?utm_term=cepton+lidar+pdf In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.