MALICIOUS
174
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF is identified as a phishing lure due to its small size and image-heavy content, typical of a screenshot designed to hide clickable elements. It contains a mass of external PDF links, suggesting a link farm intended to host further malicious content. The presence of multiple unknown URLs indicates a potential distribution network for malware or phishing pages.
Machine Learning
- Nyx PDF Classifier malicious score 0.6563
Heuristics 5
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 43 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://xajibur.ru/award?keyword=fragmento+del+libro+11+minutos
- https://cdn.sqhk.co/ragonujip/2ihhbie/spiral_jump_game_download.pdf
- https://bufasijo.weebly.com/uploads/1/3/2/7/132740378/levariwanufen-keginivawoti.pdf
- https://porukugo.weebly.com/uploads/1/3/1/3/131380087/98e1052bbaf.pdf
- https://cdn.sqhk.co/lilaxikixo/ihiajb6/23825352756.pdf
- https://cdn.sqhk.co/kululojilo/higc3F6/nbc_sports_predictor.pdf
- https://cdn.sqhk.co/kigimole/eAGu7Q7/jotuguwojifez.pdf
- https://jeputuzomum.weebly.com/uploads/1/3/1/3/131398597/zukegukezek.pdf
- https://cdn.sqhk.co/saxamabewido/dghdjci/planet_simulation_software.pdf
- https://lugifepitel.weebly.com/uploads/1/3/2/7/132710690/398040.pdf
- https://matomuzunoto.weebly.com/uploads/1/3/5/3/135389802/f4f64.pdf
- https://cdn.sqhk.co/nivunufozub/ejiidgh/microsoft_teams_download_for_windows_7_old_version.pdf
- https://cdn.sqhk.co/ramawuvade/hixibRo/adobe_illustrator_draw_ipad_download.pdf
- https://uploads.strikinglycdn.com/files/61e27660-a850-4ed1-aa5c-179bf77c33e9/lezonibigerofubuda.pdf
- https://uploads.strikinglycdn.com/files/77997f88-3f92-41d7-a231-5ae5797fd67a/jipes.pdf
- https://uploads.strikinglycdn.com/files/b1ac2d06-05ae-4cbd-9a0f-e6a386767d8d/sasela.pdf
- https://uploads.strikinglycdn.com/files/0f209291-190b-480f-ae17-b95eb4c0fd23/wikigofezitoridasusu.pdf
- https://uploads.strikinglycdn.com/files/754ccf50-da72-45be-83cb-7331808fd872/21575841131.pdf
- https://uploads.strikinglycdn.com/files/2149a029-8c6a-4fb3-b890-4693665e5066/the_moral_landscape_criticism.pdf
- https://uploads.strikinglycdn.com/files/d2150568-fc18-4e90-bd3d-90b603125504/how_to_buy_a_covered_call_option.pdf
- https://uploads.strikinglycdn.com/files/a90424c0-75a2-4993-8f58-4741ee2adef6/printable_modern_calligraphy_practice_sheets_free.pdf
- https://uploads.strikinglycdn.com/files/d8734a7f-8340-4854-b2ae-31a783abf64f/how_to_get_rid_of_santivirus_on_windows_10.pdf
- https://uploads.strikinglycdn.com/files/7a2ecf51-147b-4d0d-be7e-5b9a82c1dae2/96685933960.pdf
- https://uploads.strikinglycdn.com/files/3dc3f608-495d-4c38-b576-211a5ac78f1a/78272213262.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.