MALICIOUS
Risk Score: 94
Malware Insights
MITRE ATT&CK
- T1566.001 Spearphishing Attachment
- T1059.007 JavaScript
This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds external URLs that direct users to attacker-controlled resources. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7936
Heuristics 3
- ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
- https://queure.ru/pbw?utm_term=joystick+app+for+pokemon+go (PDF link annotation)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off0000f173.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xF173 | 5248 bytes |

SHA-256: 35bd0e0b308889f152e0d165d87c4b551ac3c791a143b2e708a577d2d54de170