MALICIOUS
Risk Score: 120
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF file contains a link disguised as a user manual search query. This link redirects to a malicious domain, indicating a phishing or social engineering attempt. The PDF also hosts a large number of external links, suggesting it's part of a link farm designed to distribute malicious content.
Heuristics (3)
- PDF links to known malicious redirector infrastructure (critical, PDF_MALICIOUS_REDIRECTOR_LINK): PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL. URL: https://ttraff.cc/wix?keyword=panasonic+model+kx-tgda20+user+manual
Extracted artifacts (2)
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off00006f1f.bin (79c50973810dc8e601e585d90cd3def874afb6bee453dc4fcb60c187717e8e7c) | pdf-font-stream | PDF embedded font (sfnt) at offset 0x6F1F | 5696 bytes |
| font_01_sfnt_off0000826a.bin (d07ed88afa733fe80eb97bf9d97d0d154b5a9cfcdbea2e8bee107d4802b0eac4) | pdf-font-stream | PDF embedded font (sfnt) at offset 0x826A | 12624 bytes |