MALICIOUS
152
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains a link farm and redirects to a known malicious URL, indicating an attempt to lead the user to a malicious site. The document body, though heavily obfuscated, contains the target URL, suggesting a lure to download further malicious content or engage in phishing. The ML classifier strongly supports the malicious nature of this PDF.
Machine Learning
- Nyx PDF Classifier malicious score 0.9995
Heuristics 3
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://ggtraff.ru/strik?keyword=poulan+wild+thing+chainsaw+manual
- https://kiseridebajesa.weebly.com/uploads/1/3/1/4/131408791/c0d19930f758.pdf
- https://nudojafobedem.weebly.com/uploads/1/3/1/3/131379550/pisuguse.pdf
- https://cdn-cms.f-static.net/uploads/4418781/normal_5f9a06cf416a9.pdf
- https://zewuxufasebi.weebly.com/uploads/1/3/4/3/134320084/pigatixuvutol-pituda.pdf
- https://cdn-cms.f-static.net/uploads/4379029/normal_5f8ff516004a6.pdf
- https://lamuvoraraxuz.weebly.com/uploads/1/3/4/4/134486612/1475384.pdf
- https://tubenuluni.weebly.com/uploads/1/3/1/4/131437864/62f68a87.pdf
- https://xoraxabaxid.weebly.com/uploads/1/3/2/6/132682630/gesanabinupudo_balepawuremex.pdf
- https://moguvikob.weebly.com/uploads/1/3/0/8/130874292/7673596.pdf
- https://jatorogerujew.weebly.com/uploads/1/3/2/7/132710569/jixidused.pdf
- https://rukazoxet.weebly.com/uploads/1/3/4/0/134040508/jokobosu.pdf
- https://jopalezaleloloj.weebly.com/uploads/1/3/1/3/131380469/6186674.pdf
- https://cdn-cms.f-static.net/uploads/4422392/normal_5f970a9de8976.pdf
- https://naroxelilokatud.weebly.com/uploads/1/3/1/3/131384214/5146737.pdf
- https://palozemoxapido.weebly.com/uploads/1/3/4/3/134366311/kimetowaginox.pdf
- https://mezuminekafowiw.weebly.com/uploads/1/3/4/3/134346911/jogisuwugewulim.pdf
- https://cdn.shopify.com/s/files/1/0493/6597/5199/files/nationalism_in_the_19th_century_dbq.pdf
- https://uploads.strikinglycdn.com/files/57bb5c8f-38da-4916-a633-f99a8bdd5191/61428421151.pdf
- https://cdn.shopify.com/s/files/1/0494/2499/0363/files/88330517855.pdf
- https://cdn.shopify.com/s/files/1/0434/8359/4909/files/kofopob.pdf
- https://uploads.strikinglycdn.com/files/231819f6-d1e3-40e6-93a7-9e9ca1b583f5/histoire_du_logement_social_en_france.pdf
- https://cdn.shopify.com/s/files/1/0483/6802/5751/files/there_goes_a_train_part_1.pdf
- https://uploads.strikinglycdn.com/files/f1e65593-330d-4652-8172-05399dca575b/desexekapi.pdf
- https://uploads.strikinglycdn.com/files/e1422105-3eaa-45e3-b26c-089ddde08ace/18820058537.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.