PDF malware analysis — malicious · 51425e9185481d83

MALICIOUS

PDF

41.7 KB Authoring application: Nitro PDF

MD5: 367bcd564a1d7c0bc1456cdc38b3184c SHA-1: 1efcda29c3874ffce2a5f57f8c18e4c0df1294ab SHA-256: 51425e9185481d838086bda0823c2fe67c9e1ee969038e47120b1dfcfc225fe6

92 Risk Score

Malware Insights

MITRE ATT&CK

T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The file is a PDF document that contains embedded links. The document body text, which mentions 'Chinese checkers game online 2 players', serves as a lure to encourage users to click on these links. The embedded URLs point to other PDF files, suggesting a multi-stage download or redirection to malicious content. The ClamAV detection and ML classifier strongly indicate malicious intent, likely related to phishing or malware distribution.

Machine Learning

Nyx PDF Classifier malicious score 0.9993

Heuristics 3

ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
External URI info PDF_URI

PDF contains an external URL action
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
URL http://camidogtraining.com/uploads/1/3/0/3/130379074/gabajaw.pdf
- http://californiaspac.com/uploads/1/3/0/5/130588290/2281f.pdf
- http://nathaniel-gaynor.com/uploads/1/3/0/6/130639123/goxelijo_wakukovi.pdf
- http://momentumwomenscenter.com/uploads/1/3/0/4/130491166/130491166.html#chinese+checkers+game+online+2+players

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename	Kind	Source	Size
`font_00_sfnt_off00001029.bin` `2bdd43c8ee54c97c459e90f64d4591925e7f770ec573efee3e34952b76adb3d7`	pdf-font-stream	PDF embedded font (sfnt) at offset 0x1029	8976 bytes

Open this report in the interactive analyzer, or submit your own file for analysis.