MALICIOUS
212
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a large number of links, including a link farm and a redirector to malicious infrastructure. The ClamAV detection and ML classifier further support its malicious nature. The embedded content appears to be a lure related to dehydrator instructions, likely to disguise the malicious links.
Machine Learning
- Nyx PDF Classifier malicious score 0.6087
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://yafferge.ru/aws?utm_term=how+long+does+beef+jerky+take+in+a+dehydrator
- https://dupudebokuvufex.weebly.com/uploads/1/3/2/3/132303235/3317264.pdf
- http://fuwijumazawad.mywebcommunity.org/adaptation_in_plants_for_class_4_worksheets.pdf
- http://vuvodagedene.scienceontheweb.net/bimal_jalan_committee_upsc.pdf
- https://rowexajezer.weebly.com/uploads/1/3/0/7/130776500/9919171.pdf
- https://5b0e1d79-1acc-45ba-a965-31015372eee8.filesusr.com/ugd/67f5f7_4381299e55404c4e8ca1820fa9f7c59c.pdf?index=true
- https://uploads.strikinglycdn.com/files/9cdd808d-d3f9-4995-baca-c4ae78643626/dolud.pdf
- http://lijizuzinarit.epizy.com/19674012390.pdf
- https://45f0f727-c607-4398-b3b7-8b42e23b21b2.filesusr.com/ugd/0a84ca_e434a31fd05e47f6b2c4de2d6411d9dd.pdf?index=true
- https://uploads.strikinglycdn.com/files/6baef331-abf0-4504-8179-f05a6ec19f86/gekupat.pdf
- https://c84ffda1-e72a-45fa-8ce8-a771970cf326.filesusr.com/ugd/9fd656_215d03d177294a8e9800f5d7a00a8c7c.pdf?index=true
- https://uploads.strikinglycdn.com/files/cbfd76bd-154a-4b58-ad79-29505033dc0c/what_kind_of_poem_is_neutral_tones.pdf
- https://0a497e50-07dd-462d-832d-d8678f741a8e.filesusr.com/ugd/5f857b_a15e1f87164548799d301d4ba4e8038c.pdf?index=true
- https://uploads.strikinglycdn.com/files/20dd2e79-b1e3-499c-8dbb-be7646c65f73/how_to_make_android_app_without_coding.pdf
- https://uploads.strikinglycdn.com/files/560e6b80-e8b8-4d06-a410-d58d2ccb379a/ap_biology_chapter_1_introduction_themes_in_the_study_of_life_answers.pdf
- https://569961a5-e6b5-462d-8b38-7193d5e7b20b.filesusr.com/ugd/a37a2e_6170bd1dd6de42c7b0566a54ffb97aa4.pdf?index=true
- https://uploads.strikinglycdn.com/files/398f7a8f-edb5-4609-a571-713328ff8d9c/echo_cs_590_parts.pdf
- http://peworesafasar.epizy.com/dimabijizafawubimof.pdf
- https://uploads.strikinglycdn.com/files/7a45b316-271c-41ed-b874-fee1e8f91649/zerexupomovemetubotosela.pdf
- http://vugofixev.rf.gd/kidde_kn-cob-b_carbon_monoxide_alarm.pdf
- https://uploads.strikinglycdn.com/files/96b76c55-c37b-4691-9e0c-003f75dcbb96/xamosale.pdf
- https://uploads.strikinglycdn.com/files/e3624bc4-bd0b-43f3-9a79-495511caf77c/common_centroid_layout_current_mirror.pdf
- http://jopipada.epizy.com/gezinaju.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.