MALICIOUS
140
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a mass link farm, with many links pointing to Shopify domains, likely for SEO manipulation or to host malicious content. One critical heuristic identified a link to a known malicious redirector at 'ttraff.com'. The document body also contains text suggesting a callback phishing or tech-support scam pretext, further indicating malicious intent. No scripts were extracted from this sample.
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Callback phishing phone lure medium SE_CALLBACK_LUREDocument asks the user to call a phone number in billing, refund, subscription, fraud, or security context — consistent with callback phishing or tech-support scam patterns
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://ttraff.com/wix?keyword=effet+de+vague+tome+3+pdf
- https://cdn.shopify.com/s/files/1/0434/6147/6504/files/mumojusadepowewedesewukag.pdf
- https://cdn.shopify.com/s/files/1/0433/0687/7080/files/20136550696.pdf
- https://cdn.shopify.com/s/files/1/0434/2838/0839/files/57280066377.pdf
- https://cdn.shopify.com/s/files/1/0437/3859/5482/files/mivaraf.pdf
- https://cdn.shopify.com/s/files/1/0437/6638/2746/files/xizap.pdf
- https://static.usrfiles.com/ugd/b8c837_a81b69b956e5473c91c32c5a7c31e113.pdf
- https://static.usrfiles.com/ugd/b8c837_44efff5c5cb9483fa3f7557a02b30d8d.pdf
- https://static.usrfiles.com/ugd/b8c837_165909e2bd984fe8a5d4d9948cac662a.pdf
- https://static.usrfiles.com/ugd/b8c837_ab4f9d48c22d494599d8e2ae0395aae7.pdf
- https://static.usrfiles.com/ugd/b8bbd7_771375b0e9214114893da29b167ee3a3.pdf
- https://static.usrfiles.com/ugd/b8c837_7a34f25398c34df9b1a99cc4e235aec6.pdf
- https://static.usrfiles.com/ugd/2f8cea_f4bc2866335c4d4b845d5aaa490a85a6.pdf
- https://static.usrfiles.com/ugd/b8c837_decd755ffaf740bcaa3f681a02f97f30.pdf
- https://static.usrfiles.com/ugd/b8c837_e2aa5f7c293f40e8a49fb8af0b84d0d0.pdf
- https://cdn.shopify.com/s/files/1/0431/8730/6658/files/explain_the_branches_of_psychology.pdf
- https://cdn.shopify.com/s/files/1/0434/1301/2630/files/safety_management_system_audit_checklist_pdf.pdf
- https://cdn.shopify.com/s/files/1/0430/0223/2983/files/psicologia_definicion.pdf
- https://cdn.shopify.com/s/files/1/0431/3199/4280/files/security_master_plan_template.pdf
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/xap/1.0/mm/
- http://ns.adobe.com/xap/1.0/rights/
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000709c.binb82b842c5c141294e4148b1ad2a81646ec3d704ff0a23ecf18f0bec66295c55a |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x709C | 5236 bytes |
font_01_sfnt_off00008278.bin8ff9caf87fdaad38c2e1d99f4576986e45976d00038cddce7f3a2d45858e2440 |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8278 | 12112 bytes |
Open this report in the interactive analyzer, or submit your own file for analysis.