MALICIOUS
152
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9996
Heuristics 3
-
ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://leasepurchasephilahomes.com/uploads/1/3/0/6/130605430/xudubigilane.pdf In PDF document text
- http://texasfinesse.com/uploads/1/3/0/6/130622116/wavenupinoz-wiwesota-mudavodatema-kilubilixaleve.pdfIn PDF document text
- http://guiadoipva.com/uploads/1/3/0/5/130551684/jofotaminuju.pdfIn PDF document text
- http://michianadrugtestingcenter.com/uploads/1/3/0/4/130491181/5670745.pdfIn PDF document text
- http://myleafandcompany.com/uploads/1/3/0/3/130313314/3848411.pdfIn PDF document text
- http://reddiamondbenefits.com/uploads/1/3/0/6/130620417/0c2aba48c891f9e.pdfIn PDF document text
- http://oursocialsecurityexpert.com/uploads/1/3/0/6/130604369/zutudino.pdfIn PDF document text
- http://theflyinggreenhouse.com/uploads/1/3/0/2/130270866/kodisigosulunig_netologuv_jamupimogipoji.pdfIn PDF document text
- http://alexpinkcook.com/uploads/1/3/0/2/130289613/7322537.pdfIn PDF document text
- http://bluhorizontravel.com/uploads/1/3/0/4/130435737/4048364.pdfIn PDF document text
- http://nokr.nl/uploads/1/3/0/7/130775714/ec44a854bed19bf.pdfIn PDF document text
- http://vasudh-n.com/uploads/1/3/0/5/130588779/waxiw_xolepemiwo_volixakuz_rupirowijo.pdfIn PDF document text
- http://gamefarm.org/uploads/1/3/0/6/130605015/1796711.pdfIn PDF document text
- http://ourgreenlittlevillage.com/uploads/1/3/0/5/130590235/nitalimijud_sonuletopijudus_kukalulawuv.pdfIn PDF document text
- http://soulintegration.com.au/uploads/1/3/0/5/130590531/momupunu-tamipasozog.pdfIn PDF document text
- http://alicetxchamber.org/uploads/1/3/0/4/130483866/detusegada.pdfIn PDF document text
- http://natemalone.com/uploads/1/3/0/5/130539940/121a26d58e629d.pdfIn PDF document text
- http://17art.ca/uploads/1/3/0/7/130776783/wegawekivepo.pdfIn PDF document text
- http://pathogenassassin.com/uploads/1/3/0/6/130620873/jebabuxibif.pdfIn PDF document text
- http://missbellasfriends.com/uploads/1/3/0/4/130483114/gopapiposibotux.pdfIn PDF document text
- http://lifeisdata.net/uploads/1/3/0/4/130476539/xazawovazam-nametugudov.pdfIn PDF document text
- http://pan-education.com/uploads/1/3/0/6/130640163/96b726daa.pdfIn PDF document text
- http://squarewave.org/uploads/1/3/0/7/130740351/fa1a758d0ae456f.pdfIn PDF document text
- http://krystinfladseth.com/uploads/1/3/0/6/130604177/130604177.html#passive+questions+exercise+pdfIn PDF document text
- http://www.ascendercorp.com/In PDF document text
- http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
- https://fedoraproject.org/wiki/Licensing/LiberationFontLicenseIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00003036.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3036 | 2684 bytes |
SHA-256: 90182e258c4a044c2ca334b17af6b9175e87237a1e81544cc1f8f4ce5fb5eaf9 |
|||
font_01_sfnt_off00003c1e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3C1E | 7716 bytes |
SHA-256: 8ede55d3167e4585644bf2c0543f249ec7694aaba6d1719cba74005a024678df |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.