MALICIOUS
152
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF file contains a heuristic firing for a malicious redirector link, pointing to a URL that is likely part of a phishing campaign. The ML classifier also flagged the document as malicious. The document body, though heavily obfuscated, contains text related to 'Larson storm window installation guide', suggesting a lure to trick users into clicking the malicious link.
Machine Learning
- Nyx PDF Classifier malicious score 0.7800
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://gettraff.ru/aws?utm_term=larson+storm+window+installation+guide In PDF document text
- https://cdn-cms.f-static.net/uploads/4379498/normal_5fc0ad3f64484.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4483070/normal_5fbe5e9ae1599.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/91cc83d1-1c1e-4990-bb4b-bf4c38a0a4d3/pobuduxunexiwazuzu.pdfIn PDF document text
- https://s3.amazonaws.com/lupebesu/63354817588.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/8a351a6c-a5fe-4361-ad03-6abb68b103a6/sagijenefijiloxedoguve.pdfIn PDF document text
- https://static1.squarespace.com/static/5fc0ea21c30a162e0c52977d/t/5fcbe28c1df7590d80ec7a17/1607197324492/real_steel_movie_truck.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/8007caa3-bce5-4eed-9119-31ef4fe25485/fokazewaraluxikugapom.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/01a32762-d988-4254-a414-a5b0c31a05f3/3428178064.pdfIn PDF document text
- https://s3.amazonaws.com/lomiwexuva/tuvatoxavosurenonuneve.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/d7803341-c2a1-41e4-b29f-200676e88655/medtronic_lifepak_cr-t_aed_trainer_instructions.pdfIn PDF document text
- https://static1.squarespace.com/static/5fc10304b8467722f1d4df02/t/5fc165eb4f98375720140354/1606510064894/4th_anniversary_gift_ideas_fruit_and_flowers.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/38963c75-04dc-42e0-b1a8-33647fe72162/4493508753.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.