MALICIOUS
Risk Score: 94
Malware Insights
MITRE ATT&CK
- T1566.001 Spearphishing Attachment
- T1059.007 JavaScript
This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds external URLs that direct users to attacker-controlled resources. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7994
Heuristics 3
- ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL. URL: https://jumiwimov.ru/strik?utm_term=verbos+y+preposiciones+en+ingles+lista+pdf (PDF link annotation)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off0000ef36.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xEF36 | 5528 bytes |

SHA-256: 94e9f3e5b8ce70977532d445b442f29c9b1862cf988d205c1fb052b2438982f8