MALICIOUS
124
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF file contains embedded URLs and is flagged as malicious by ML classifiers and ClamAV. The heuristic 'PDF_SEO_DISPOSABLE_LINK_FARM' indicates a pattern of using disposable hosting for link farms, suggesting a phishing or malware distribution scheme. The primary malicious URL identified is https://midufefew.ru/strik. No scripts were extracted, but the overall structure and URL suggest a phishing attempt.
Machine Learning
- Nyx PDF Classifier malicious score 0.7134
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
Small PDF is a non-clustered link farm on disposable hosting medium PDF_SEO_DISPOSABLE_LINK_FARMSmall PDF contains many clickable external PDF links spread thin across many distinct hosts (no single dominant host), corroborated by a utm_term SEO-redirector link and/or links parked on free/disposable content hosts. This is the 'free document/template' SEO phishing PDF family, which ranks for search queries and routes users into payload/redirect chains, rather than a normal document citation pattern. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://midufefew.ru/strik?utm_term=digital+communications+manager+resume PDF link annotation
- http://gedirobidepud.scienceontheweb.net/dapemox.pdfIn PDF document text
- http://suzupuwejal.mygamesonline.org/bofuwevadodolujujemubasu.pdfIn PDF document text
- http://rofuxipof.mywebcommunity.org/59118310910.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/abe10bfb-d23c-446d-81ec-39649857b8ed/83278528919.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/f8ef4015-5b5a-423e-8910-8af18ef0a675/68289724286.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/25dcecd1-f79e-4448-b4f0-28c4bc476fbc/47155251634.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/b1080901-57ef-48b2-b1c2-61a5df4be384/dupizurod.pdfIn PDF document text
- http://vesuduw.epizy.com/18521369432.pdfIn PDF document text
- http://vabuperupijod.epizy.com/blank_october_2017_calendar_template.pdfIn PDF document text
- https://s3.amazonaws.com/jajoxulabojaso/best_calendar_app_for_family_sharing_android.pdfIn PDF document text
- http://futikuzita.onlinewebshop.net/papigowowamek.pdfIn PDF document text
- https://s3.amazonaws.com/sajezife/cambridge_igcse_physics_third_edition_answers.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/d9901396-0940-42ad-9032-8c99e003decd/28834054221.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/1f12c40b-6742-4072-ab10-0e682244ad14/lijopub.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/6b4f677a-8136-4b09-a3ad-5778307169bc/liludaja.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/6deff882-f3e0-4d05-af0f-2edbf21d833a/itchy_spots_in_scalp.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/efe5ffb6-a8f8-4e7f-9680-81af245011ba/animal_farm_george_orwell_summary.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/12edc187-d5a9-4f7b-95a8-1d457a63681c/why_my_roku_remote_not_working.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/842e5a4b-cf5e-4ad7-862b-c7390d5ab74e/cuisinart_burr_grind_and_brew_problems.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e5616be0-7e10-4566-920f-478e22d91c06/vageladurovejaxatasagolum.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/7d9cad1f-2456-46a1-a33b-bc2f62fdb511/38925926475.pdfIn PDF document text
- http://wusozupit.myartsonline.com/fiwatojeti.pdfIn PDF document text
- https://s3.amazonaws.com/lolijexejomak/kundali_bhagya_natak_song.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/6eea95c3-4b78-4475-aeaf-13f37f54624a/golds_gym_exercise_bike_battery_cover.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.