MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is identified as malicious by ClamAV with a specific signature indicating it is a phishing trojan. The document contains an embedded URI pointing to a suspicious domain, likely intended to host malicious content or phishing pages. Although the document body is heavily obfuscated, the presence of the external URI and the ClamAV detection strongly suggest a phishing or malware distribution attempt.
Machine Learning
- Nyx PDF Classifier suspicious score 0.3274
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://traffnew.ru/strik?utm_term=modern+age+comics+worth+money PDF link annotation
- https://cdn-cms.f-static.net/uploads/4375194/normal_5fa726b26a7bc.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4366957/normal_5fdaf7fbcd0e9.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4421468/normal_5fc8eb6f319df.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4415739/normal_5fcc44a9d8951.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4452846/normal_5fba43f35a9ac.pdfIn PDF document text
- https://gotedimonov.weebly.com/uploads/1/3/4/7/134761190/52bb1.pdfIn PDF document text
- https://s3.amazonaws.com/towakog/timasinekunakolifu.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/3f747003-4e64-4ffb-8af4-0de00d3c9ff1/summer_waves_pool_vacuum_plate.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.