MALICIOUS
Risk Score: 152
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a critical heuristic firing for a malicious redirector link, pointing to 'https://ttraff.me/wix?keyword=faded+piano+sheet+music+hard'. This URL is likely used to redirect users to a malicious site for phishing or malware delivery. The document body, though heavily obfuscated, contains references to sheet music and the malicious URL, reinforcing the lure. The presence of a large number of external PDF links also suggests a link farm for SEO manipulation or distributing further malicious content.
Machine Learning
- Nyx PDF Classifier malicious score 1.0000
Heuristics 4
- PDF links to known malicious redirector infrastructure (critical, PDF_MALICIOUS_REDIRECTOR_LINK): PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- Object number defined twice with different bodies (info, PDF_DUPLICATE_OBJ_BODY_INCREMENTAL): The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL. URL: https://ttraff.me/wix?keyword=faded+piano+sheet+music+hard
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| font_00_sfnt_off0000519c.bin 43faae140cbb15b1e8e6781226dcea1db928cfeaa64b8b8e386bac737be4816a | pdf-font-stream | PDF embedded font (sfnt) at offset 0x519C | 5236 bytes |
| font_01_sfnt_off0000633d.bin 66bee1d5cc67af8160d4ba785d3f3f7abda6b94ee4593c74da1381b855239c67 | pdf-font-stream | PDF embedded font (sfnt) at offset 0x633D | 15892 bytes |
| font_02_sfnt_off000093a6.bin c988415812f594187b0a0ed75dc52802e798e1695b49bd300f8412a65040a449 | pdf-font-stream | PDF embedded font (sfnt) at offset 0x93A6 | 16204 bytes |