MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is identified as malicious by ClamAV with a specific signature indicating phishing and trojan behavior. The PDF contains embedded URLs, one of which is flagged as unknown reputation, suggesting a potential lure for malicious activity. The document body is heavily obfuscated and truncated, preventing a clear understanding of its specific content, but the presence of unknown reputation URLs and the ClamAV detection strongly indicate a phishing or malware distribution attempt.
Machine Learning
- Nyx PDF Classifier suspicious score 0.4337
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://evg-prague.fr/wp-content/plugins/formcraft/file-upload/server/content/files/1607017d235e56---80250766356.pdf In PDF document text
- http://raffaelecavazzoni.com/userfiles/files/tejotojawodusogujijidamo.pdfIn PDF document text
- https://pharmnet.cz/ckfiles/files/files/47559336862.pdfIn PDF document text
- http://pinturasoltra.com/images/slider/files/jawaduwewexuvumozabanabit.pIn PDF document text
- https://feedproxy.google.com/~r/1eyvgo/aqOO/~3/cv9VXjIrmdE/uplcv?utm_term=bloom%27s+taxonomy+analysis+questionsPDF link annotation
Open this report in the interactive analyzer, or submit your own file for analysis.