MALICIOUS
152
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9999
Heuristics 3
-
ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://xixogobepagujub.weebly.com/uploads/1/3/0/5/130539393/tuwidopo.pdf In PDF document text
- https://texujidokurad.weebly.com/uploads/1/3/0/2/130288453/bd38d.pdfIn PDF document text
- https://lofisuwifubif.weebly.com/uploads/1/3/0/5/130550777/6387049.pdfIn PDF document text
- http://artekcm.com/uploads/1/3/0/4/130436439/c14f6c95f26.pdfIn PDF document text
- http://foz.vipiski-besplatno64.icu/uploads/2020/01/28/jenojemo.pdfIn PDF document text
- http://loneezyvisionz.com/uploads/1/3/0/6/130640079/3282171.pdfIn PDF document text
- http://bunut.topmanicure.ru/uploads/2020/01/27/votofix.pdfIn PDF document text
- http://onlygodcanjudgeus.com/uploads/1/3/0/4/130476150/gorut.pdfIn PDF document text
- http://bgflowermart.com/uploads/1/3/0/2/130291939/rirorokidi-vatugo-duberakot.pdfIn PDF document text
- http://northmeats.com/uploads/1/3/0/5/130588783/duwok.pdfIn PDF document text
- http://navajos.de/uploads/1/3/0/6/130639214/867073.pdfIn PDF document text
- http://datow.finresult.com/uploads/2020/01/29/3e1526da57331.pdfIn PDF document text
- http://bethlauzier.com/uploads/1/3/0/4/130488616/nibudo_volawejamo.pdfIn PDF document text
- https://nebirowupiwowis.weebly.com/uploads/1/3/0/5/130588856/04c3d853c30.pdfIn PDF document text
- https://zorurube.weebly.com/uploads/1/3/0/5/130545001/f50743b21c3.pdfIn PDF document text
- http://restaurantbeaumonde.com/uploads/1/3/0/3/130323594/sumefaxatisoz.pdfIn PDF document text
- http://vaxeduwif.speacetech.us/uploads/2020/01/29/5b74087.pdfIn PDF document text
- http://sophsphotos.com/uploads/1/3/0/4/130489157/5299929.pdfIn PDF document text
- http://myphonexpress.com/uploads/1/3/0/4/130483847/dipamidafipimewizew.pdfIn PDF document text
- http://mrsdawson-classroom.com/uploads/1/3/0/2/130272573/130272573.html#foolproof+module+9+test+answers+quizletIn PDF document text
- http://www.ascendercorp.com/In PDF document text
- http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
- http://dejavu.sourceforge.netIn PDF document text
- http://dejavu.sourceforge.net/wiki/index.php/LicenseIn PDF document text
- https://fedoraproject.org/wiki/Licensing/LiberationFontLicenseIn PDF document text
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000013a9.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x13A9 | 9620 bytes |
SHA-256: 115b45a62a3c522c7b0bc09a5942ff366ca486d423cea4bb4f651cdd8441244b |
|||
font_01_sfnt_off0000bb64.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBB64 | 16204 bytes |
SHA-256: f31c439e28d0137206b91a151f21343900f846ed9ff070250fbe82eb1cc7da1d |
|||
font_02_sfnt_off0000d03f.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xD03F | 2652 bytes |
SHA-256: 1b3f82cd74c5b6671cc0c0d4a6c7877b74bb57ca469b2a61ef541918e41af838 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.