MALICIOUS
120
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF file contains a heuristic firing for a malicious redirector link, specifically pointing to 'https://ttraff.cc/wix?keyword=sony+kdl-+50w829'. Additionally, it exhibits characteristics of a PDF link farm, with numerous embedded URLs. The document body, though partially corrupted, contains the same suspicious URL and appears to be a lure related to a product, suggesting a phishing or scam attempt.
Heuristics 3
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://ttraff.cc/wix?keyword=sony+kdl-+50w829
- https://static.usrfiles.com/ugd/b8c837_dce6b614c31746b3a4c9b72b73c21fbc.pdf
- https://static.usrfiles.com/ugd/b8c837_7c5a5f1c004b43e59988ca5e22f8c7ce.pdf
- https://static.usrfiles.com/ugd/0d2908_b6fdcaf9fcf84afbb8708fac6c6b3d71.pdf
- https://static.usrfiles.com/ugd/b8c837_611ab0e9ed0f4056b6505d083582c493.pdf
- https://static.usrfiles.com/ugd/b8c837_5efe5833b3c54858ac7df3b96a4a7ffc.pdf
- https://static.usrfiles.com/ugd/badafb_8c16af416c934772955d99de6f062ea4.pdf
- https://static.usrfiles.com/ugd/3f4b99_975f0380ecd54492ab391e82f70ec55c.pdf
- https://static.usrfiles.com/ugd/7f16bd_a65f1f44bd9d492f8253d2e2287dd0d6.pdf
- https://static.usrfiles.com/ugd/b8c837_a4aeacf440b9427d9770210312cc028b.pdf
- https://static.usrfiles.com/ugd/63022f_375cdfe383554443a6446a85990b77e0.pdf
- https://static.usrfiles.com/ugd/b8c837_bb27de6cef0b4598afe0d75b800c6143.pdf
- https://static.usrfiles.com/ugd/b8c837_01e1234bd0d24316aa0dcd253e7169a6.pdf
- https://static.usrfiles.com/ugd/3e87bf_726225202b62411da077111536c08250.pdf
- https://static.usrfiles.com/ugd/b8c837_4599b1e1f34d4d9885625c493d52c647.pdf
- https://static.usrfiles.com/ugd/b8c837_6e14e57d5b084f45bf420dce094d6a1d.pdf
- https://static.usrfiles.com/ugd/e1c37d_d6dcff4e1e6f430993368b43151483a9.pdf
- https://static.usrfiles.com/ugd/b8c837_aa9ca426d15349f3a5bc093628f85eeb.pdf
- https://static.usrfiles.com/ugd/e5a943_df5afea651f746dbb93803ee0a7bd15e.pdf
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/xap/1.0/mm/
- http://ns.adobe.com/xap/1.0/rights/
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00006516.bin726a3df13a6a20706f2c867c997fe91a0104670d5a5a622597233730104f8df6 |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x6516 | 5476 bytes |
font_01_sfnt_off000077f8.bin15317df985d50bb3f76ac44017536cb0e43294578d08447117cc1cc2ed04a9c4 |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x77F8 | 10024 bytes |
Open this report in the interactive analyzer, or submit your own file for analysis.