PDF malware analysis — malicious · 4634d6088ccef947

MALICIOUS

PDF

83.6 KB Created: 2020-11-13 04:01:29 +02:00 Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7) First seen: 2026-06-04

MD5: 5ea8339646b5922958aea6bd1bde6a27 SHA-1: c7a390736797235db2c013e67f313b43ab08b875 SHA-256: 4634d6088ccef947cdbeec7197ae7b75bbaf89d64b5680be5eb345789ff972dd

62 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Spearphishing Attachment

The PDF file contains an embedded URL that points to a known malicious redirector. This suggests the document is part of a phishing or malware distribution campaign, likely delivered as a spearphishing attachment. The redirector is designed to obscure the final destination, increasing the likelihood of successful compromise.

Machine Learning

Nyx PDF Classifier clean score 0.1730

Heuristics 2

PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINK

PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL https://traffine.ru/aws?utm_term=cepton+lidar+pdf In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.