MALICIOUS
182
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains numerous embedded links, with at least one identified as a malicious redirector. The document body, though heavily corrupted, suggests a lure related to product information, likely to trick users into clicking the malicious links. The presence of multiple disposable domains and redirector links indicates a phishing or scam attempt.
Machine Learning
- Nyx PDF Classifier malicious score 0.7471
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF is a non-clustered link farm on disposable hosting medium PDF_SEO_DISPOSABLE_LINK_FARMSmall PDF contains many clickable external PDF links spread thin across many distinct hosts (no single dominant host), corroborated by a utm_term SEO-redirector link and/or links parked on free/disposable content hosts. This is the 'free document/template' SEO phishing PDF family, which ranks for search queries and routes users into payload/redirect chains, rather than a normal document citation pattern. The PDF itself carries no exploit — the risk is the linked destinations.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://dafemum.ru/strik?utm_term=porter+cable+16+gauge+nail+gun+not+firing In PDF document text
- http://jigikujed.scienceontheweb.net/confessions_of_st_augustine_free.pdfIn PDF document text
- http://shortsomfj.space/starbound_pixel_farming_guidev77du.pdfIn PDF document text
- http://wugupomovupa.sportsontheweb.net/alveolar_sounds.pdfIn PDF document text
- http://znatural.space/69346302620hhwld.pdfIn PDF document text
- http://tublitalia.space/relozofimilitivireva717i.pdfIn PDF document text
- http://lnstagramcopyrightmanagement.com/wiromufezipisukanizfvmgg.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4490515/normal_6020b8294066c.pdfIn PDF document text
- https://cdn.sqhk.co/pananumujo/jgbiiji/annelids_online_battle_game.pdfIn PDF document text
- http://xelasurugopu.mywebcommunity.org/engineering_workshop_materials_list.pdfIn PDF document text
- https://cdn.sqhk.co/xafeperale/jhc0iaG/off_road_outlaw_4x4_monster_truck_games.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4491437/normal_5fe77aea54689.pdfIn PDF document text
- http://helplnstagramcontact6088758.com/58849693721ysu96.pdfIn PDF document text
- https://8cff94d3-ecab-4ea5-ad27-d3e67d02fd32.filesusr.com/ugd/2813e2_c944664175b447708ddafdb9fec20be6.pdf?index=trueIn PDF document text
- https://94aa8f26-b07a-4c24-bdb4-4112657565c9.filesusr.com/ugd/37428b_cc265e08b4214f56a68e687d4dcf86e1.pdf?index=trueIn PDF document text
- https://d5fb4b5d-766d-4e54-ab1c-ecc61d2b7d82.filesusr.com/ugd/b0c8dc_024bcc17b0354945b4ebfe198fcd6381.pdf?index=trueIn PDF document text
- https://89e5ed4a-33eb-42a6-b5f1-9fc07ea1e15b.filesusr.com/ugd/ff68bb_ed04e4ca02af43b296b4e0d469496087.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/xufujofaleki/the_lord_of_the_rings_the_motion_picture_trilogy_4k_gift_set.pdfIn PDF document text
- https://s3.amazonaws.com/zidenigad/2359911890.pdfIn PDF document text
- https://4f65501f-cdae-4966-b9db-49b15ad9d196.filesusr.com/ugd/52b593_ecd0d5b0f5084f808c487e81857fd06f.pdf?index=trueIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.