MALICIOUS
124
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1203 Exploitation for Client Execution
This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds a large number of external links characteristic of an SEO link farm. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.9220
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
Small PDF is a non-clustered link farm on disposable hosting medium PDF_SEO_DISPOSABLE_LINK_FARMSmall PDF contains many clickable external PDF links spread thin across many distinct hosts (no single dominant host), corroborated by a utm_term SEO-redirector link and/or links parked on free/disposable content hosts. This is the 'free document/template' SEO phishing PDF family, which ranks for search queries and routes users into payload/redirect chains, rather than a normal document citation pattern. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://bologen.ru/strik?utm_term=are+old+console+tvs+worth+anything PDF link annotation
- http://tusiteguluvora.getenjoyment.net/35732295669.pdfIn PDF document text
- http://mediaverifiedbadge.com/87285423011zw3ro.pdfIn PDF document text
- http://badge-verification-center.com/92634176984aqrs4.pdfIn PDF document text
- http://motubudasuvapan.medianewsonline.com/sig_p226_elite_sao_price.pdfIn PDF document text
- http://bostpolamos.site/entry_level_machine_learning_engineer_salary_in_indiav8hxn.pdfIn PDF document text
- http://sepoxudozixo.sportsontheweb.net/linking_words_adding_information_examples.pdfIn PDF document text
- http://sonezabejudazof.22web.org/aqa_science_physics_textbook_answers.pdfIn PDF document text
- http://paxabak.mypressonline.com/bsc_agri_merit_list_2020_download.pdfIn PDF document text
- http://reduslimitaly-official.website/55524735076x8twd.pdfIn PDF document text
- http://tevajevidiwa.22web.org/gogipuponifirokupiwegovav.pdfIn PDF document text
- http://cosmostil.top/wazanugojoxataxiwjm6wq.pdfIn PDF document text
- https://e3e1c2aa-7f41-47b0-8c2f-d823cb48b857.filesusr.com/ugd/7598fa_daca9d4eb54244248e43c2e7915d2501.pdf?index=trueIn PDF document text
- https://006b50d4-ad2a-4261-8279-34542eb0d7b0.filesusr.com/ugd/a640e9_49b215901e6a47a0b5fa519eaa30f6fb.pdf?index=trueIn PDF document text
- http://dezinolabebosod.atwebpages.com/hernan_cortes_conquista_de_mexico.pdfIn PDF document text
- https://67536400-2f23-40e2-9d3a-36ae3f4dfb8c.filesusr.com/ugd/5312ea_6643e0b1c3c141d491a79859d2eb59d8.pdf?index=trueIn PDF document text
- https://c3a7a64c-5591-430b-94d7-c2eadfdf3523.filesusr.com/ugd/966478_195eee676eb14a07b4ac9086e7a20d16.pdf?index=trueIn PDF document text
- http://nosenek.epizy.com/mass_effect_andromeda_trophy_guide_ps4.pdfIn PDF document text
- http://bufagefitazi.rf.gd/howl_and_other_poems_summary.pdfIn PDF document text
- http://fotopokidag.epizy.com/history_of_the_bible_translations.pdfIn PDF document text
- http://wadoromutisagar.myartsonline.com/suladusijumedemitu.pdfIn PDF document text
- https://4de1274e-a26b-4e71-a0d1-d86f0cfee7ee.filesusr.com/ugd/ee4d88_ffe60ba7ec5f4d87b52c6cb3dd02bb1e.pdf?index=trueIn PDF document text
- http://jitawidavez.atwebpages.com/16066050017.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.