MALICIOUS
160
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9999
Heuristics 4
-
ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://xilajobuzaluwu.weebly.com/uploads/1/3/0/3/130313176/5826459.pdf In PDF document text
- http://mosbeton24.ru/uploads/2020/01/28/tojevo_kujojive_wakinetorapuga_tunifi.pdfIn PDF document text
- http://kellettcommunications.com/uploads/1/3/0/4/130489131/8509432.pdfIn PDF document text
- http://northbridgeeg.com/uploads/1/3/0/6/130620172/7576920.pdfIn PDF document text
- http://ludipu.adwords-about.com/uploads/2020/01/28/mumelezokeg.pdfIn PDF document text
- http://bon.rzgraphics.tech/uploads/2020/01/27/wigisaforifutat-rogagizereb.pdfIn PDF document text
- http://pab.stat-roditelyami.ru/uploads/2020/01/27/tezusevomolosuf_zaxukejetoze_danopi.pdfIn PDF document text
- https://puzuxorufi.weebly.com/uploads/1/3/0/5/130544386/49ebe8.pdfIn PDF document text
- http://foz.vipiski-besplatno64.icu/uploads/2020/01/28/lebal.pdfIn PDF document text
- http://thingstodoambercove.com/uploads/1/3/0/5/130547418/folavifurosu.pdfIn PDF document text
- http://nomutixube.rosmedi.ru/uploads/2020/01/27/xezaseruvax.pdfIn PDF document text
- https://xakokazamajo.weebly.com/uploads/1/3/0/5/130544652/lorufodoxeli_sanububoligu_xonefulixivukab.pdfIn PDF document text
- https://wabusefo.weebly.com/uploads/1/3/0/2/130287940/vogevakabixanusi.pdfIn PDF document text
- http://urbanfreshfarms.biz/uploads/1/3/0/5/130590215/juzuw.pdfIn PDF document text
- http://channelingthelight.com/uploads/1/3/0/4/130477945/ziberol.pdfIn PDF document text
- http://sightseethecity.com/uploads/1/3/0/5/130542831/paxafifolixow.pdfIn PDF document text
- http://shopsone3.fun/uploads/2020/01/28/ca0bed.pdfIn PDF document text
- http://jefffiegerdesigns.com/uploads/1/3/0/6/130604838/sefezexupul-rubivufesib-ravodo-teraj.pdfIn PDF document text
- http://kizorolaxa.transcom78.ru/uploads/2020/01/29/f0581917348c51.pdfIn PDF document text
- http://emaxb.com/uploads/2020/01/27/wejewajek.pdfIn PDF document text
- http://pigenem.olegdfr.fr/uploads/2020/01/28/sebusi.pdfIn PDF document text
- http://abqroofs.com/uploads/1/3/0/3/130313346/130313346.html#comic+book+panel+layout+templateIn PDF document text
- http://dejavu.sourceforge.netIn PDF document text
- http://dejavu.sourceforge.net/wiki/index.php/LicenseIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000016a9.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x16A9 | 8080 bytes |
SHA-256: fb9572f41d0cda4f5193f5eb949216076db87b15f1af40ff95c972fec73e89f2 |
|||
font_01_sfnt_off00006837.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x6837 | 16064 bytes |
SHA-256: fc0bcc9d08d908b8b1287d0ab2df4e3a5be78b1d1690d8efe3ff9d2c54ab5679 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.