Malicious PDF — malware analysis report

Static analysis result for SHA-256 723ea681675c3741…

MALICIOUS

PDF

File size: 45.6 KB
Created: 2021-09-02 23:25:39 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 5.11.3)
First seen: 2021-11-24
MD5: 923d708607686c22797001b256a4f2c9
SHA-1: 7692ea24996a92e06262400dbe1eed8448f5f7a1
SHA-256: 723ea681675c3741444d59bc628b3ed8e968407a3e31336c6dd733919f624cec
Risk Score: 64

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

ClamAV identifies the file as malicious, with a signature that classifies it as a phishing trojan. The file contains an embedded URI pointing to a suspicious domain, which is likely used to host malicious content or phishing pages. The PDF structure itself is minimal, suggesting that the document serves mainly as a carrier for the embedded link.

Machine Learning

  • Nyx PDF Classifier suspicious score 0.3681

Heuristics 3

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://inwebjor.ru/uplcv?utm_term=compress+pdf+online+terbaik+500kb PDF link annotation