Malicious PDF — malware analysis report

Static analysis result for SHA-256 a0c436e073138e84…

Verdict: MALICIOUS
File type: PDF
Size: 46.9 KB
Created: 2021-09-10 03:15:42 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 5.11.3)
MD5: d40a4e0ac6a73476d06335d7b8eb6dc5
SHA-1: 9dfad2d1e2cc5c9a0e5ea22296e7ece75d533097
SHA-256: a0c436e073138e840d9ae31610ba36a3794f810a455f2929a18f4a8b15b274b7
Risk Score: 64

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The ClamAV heuristic identified this PDF as a phishing trojan. The document contains embedded URLs that lead to external websites, some of which are unknown and potentially malicious. The presence of embedded URLs suggests an attempt to redirect the user to phishing or malware distribution sites.

Machine Learning

  • Nyx PDF Classifier: suspicious score 0.4964

Heuristics (3)

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 [critical, CLAMAV_DETECTION]
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • External URI [info, PDF_URI]
    The PDF contains an external URL action.
  • Embedded URL [info, EMBEDDED_URL]
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • http://peterpan1996.it/userfiles/files/30942128647.pdf
    • https://mygenius.ru/admin/ckfinder/userfiles/files/bitujekexelilarun.pdf
    • https://feedproxy.google.com/~r/skout/mBVl/~3/zMnd8XtcwSM/uplcv?utm_term=next+update+for+redmi+note+8+pro