MALICIOUS
172
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF is identified as a malicious redirector link, likely intended as a phishing lure. It contains a full-page image designed to obscure a clickable link, a common tactic for tricking users into visiting malicious sites. The primary URL, https://cctraff.ru/aws?keyword=makalah+titrasi+redoks+pdf, is flagged as malicious, indicating it leads to harmful content or further redirection.
Machine Learning
- Nyx PDF Classifier malicious score 0.9941
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 32 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://cctraff.ru/aws?keyword=makalah+titrasi+redoks+pdf
- https://cdn-cms.f-static.net/uploads/4375199/normal_5f8ba0da25514.pdf
- https://cdn-cms.f-static.net/uploads/4393209/normal_5f8e74fd6c9f9.pdf
- https://cdn-cms.f-static.net/uploads/4378618/normal_5f8a94dea4ff0.pdf
- https://cdn-cms.f-static.net/uploads/4366969/normal_5f872bfb41fb1.pdf
- https://cdn-cms.f-static.net/uploads/4368745/normal_5f935cbf8b44f.pdf
- https://cdn-cms.f-static.net/uploads/4367019/normal_5f8901c5386ad.pdf
- https://cdn-cms.f-static.net/uploads/4379043/normal_5f8d905012889.pdf
- https://cdn-cms.f-static.net/uploads/4385231/normal_5f8d862166087.pdf
- https://cdn-cms.f-static.net/uploads/4369508/normal_5f8fe01d50c87.pdf
- https://cdn-cms.f-static.net/uploads/4365560/normal_5f8befecb8958.pdf
- https://cdn-cms.f-static.net/uploads/4375517/normal_5f914ff981866.pdf
- https://cdn-cms.f-static.net/uploads/4370080/normal_5f89ba9d01f6f.pdf
- https://cdn-cms.f-static.net/uploads/4383321/normal_5f8c7ffb20caf.pdf
- https://cdn-cms.f-static.net/uploads/4374978/normal_5f91f5e7642aa.pdf
- https://s3.amazonaws.com/xapidajovaji/62485319381.pdf
- https://s3.amazonaws.com/tadovu/que_es_aldea_global.pdf
- https://s3.amazonaws.com/susopuzupure/zozaner.pdf
- https://uploads.strikinglycdn.com/files/7e88a62c-277b-434a-88d4-11ab4d50ca00/sinokalagevakukofejolu.pdf
- https://uploads.strikinglycdn.com/files/1dbbbee8-c855-4bfb-86b1-bf1f499c93c2/tegebiwuwuri.pdf
- https://uploads.strikinglycdn.com/files/6f2b7526-6171-4f22-b8a8-70b856ebd1d6/vapid_peyote_peyote_gang.pdf
- https://uploads.strikinglycdn.com/files/9dde3e1e-3be9-48fc-bbdf-01a837614e09/50722795405.pdf
- https://uploads.strikinglycdn.com/files/0ca7c563-e577-4d77-8f0a-cec44552786c/81297794586.pdf
- https://cdn.shopify.com/s/files/1/0431/6227/1898/files/black_magic_symptoms_in_bangla.pdf
- https://cdn.shopify.com/s/files/1/0501/6358/1090/files/song_7_years_old_lyrics.pdf
- https://cdn.shopify.com/s/files/1/0495/7808/2495/files/zigazilomebamivow.pdf
- https://cdn.shopify.com/s/files/1/0484/8890/6902/files/482332278.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.