MALICIOUS
Risk Score: 154
Malware Insights
MITRE ATT&CK
- T1566.001 Spearphishing Attachment
- T1059.007 JavaScript
This PDF file was identified as malicious by multiple heuristics and a machine learning classifier. It contains a large number of external links, suggesting it functions as a link farm to distribute further malicious content or phish users. The presence of PDF_SEO_LINK_FARM and PDF_URI heuristics indicates a deliberate attempt to host numerous external PDF links, likely for SEO manipulation or to serve as a landing page for malicious downloads.
Machine Learning
- Nyx PDF Classifier malicious score 0.7018
Heuristics 4
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off0000f81a.bin 2a49d45de82639cb633b409305807f2223f6f179db065831a40426b790ed5138 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xF81A | 5116 bytes |
| font_01_sfnt_off00010999.bin 28eca29ffd02ee9db62442b7f889fa52fd15c9fa2afadd7685e2955246a101b7 | pdf-font-stream | PDF embedded font (sfnt) at offset 0x10999 | 11040 bytes |