MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as malicious by ClamAV. The file embeds external URLs that direct users to attacker-controlled resources. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier suspicious score 0.4672
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://inlovehuahin.com/file_media/file_image/file/juveviwepod.pdf In PDF document text
- https://goactive.hu/wp-content/plugins/super-forms/uploads/php/files/92d1e105076ee1c3e58fa2f9dfa7479e/debututujawezuve.pdfIn PDF document text
- https://rittenhousesmiles.com/wp-content/plugins/super-forms/uploads/php/files/636f0639090f754aabe74e64e31ecf0d/71476023371.pdfIn PDF document text
- http://baaningdoi.com/file_media/file_image/file/rotagidelupugemag.pdfIn PDF document text
- http://korealabels.com/ckfinder/userfiles/files/degadoweru.pdfIn PDF document text
- http://dytac.hk/userfiles/71660637334.pdfIn PDF document text
- https://feedproxy.google.com/~r/skout/mBVl/~3/Om9ozkHLxGw/uplcv?utm_term=gillette+fusion5+proglide+power+vs+manualPDF link annotation
Open this report in the interactive analyzer, or submit your own file for analysis.