MALICIOUS
114
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF is identified as an image-only document designed as a lure, typical of phishing or malware distribution campaigns. It contains numerous external links, with one prominent URL pointing to a potential landing page. The heuristic 'PDF_SEO_LINK_FARM' indicates a large number of linked PDFs, suggesting a broad distribution or SEO-based lure strategy. No scripts were extracted, but the presence of external links and the lure technique strongly suggest an attempt to redirect users to malicious content.
Machine Learning
- Nyx PDF Classifier malicious score 0.5147
Heuristics 4
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 69 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://baarspo.ru/award?keyword=catalogo+bticino+magic+pdf
- https://cdn.sqhk.co/norowitidot/XIzUhhB/62286514887.pdf
- https://wozukepob.weebly.com/uploads/1/3/4/0/134017809/popopu_nazuwoteg.pdf
- https://cdn.sqhk.co/duwutawuna/khaL7he/kofimin.pdf
- https://cdn.sqhk.co/mujekesire/jfEzjjA/nubiguvajesafaregadobiru.pdf
- https://pujuwofox.weebly.com/uploads/1/3/4/8/134882524/f9dcdf3073422.pdf
- https://cdn.sqhk.co/jufebarur/gjgdjg5/i_wish_you_were_gay_karaoke_acoustic.pdf
- https://tafifomoku.weebly.com/uploads/1/3/1/8/131856516/kirutajofuxisu.pdf
- https://wemezixogasowed.weebly.com/uploads/1/3/1/6/131637562/zoxep.pdf
- https://jojeditisiteso.weebly.com/uploads/1/3/1/6/131606373/5bf0eafb7b18.pdf
- https://cdn.sqhk.co/jabosuve/j1Ahfrz/71167529238.pdf
- https://lipixifafamuxa.weebly.com/uploads/1/3/0/9/130969384/fd423ac.pdf
- https://cdn.sqhk.co/pininipata/ijjchcm/24005624794.pdf
- https://cdn.sqhk.co/terasovo/ig3ifOG/73231557915.pdf
- https://cdn.sqhk.co/lajoroteb/ihahdfh/83049050278.pdf
- https://cdn.sqhk.co/rujiwujik/agfhhsI/hitachi_compute_blade_500.pdf
- https://weranatowo.weebly.com/uploads/1/3/1/4/131408071/d324424.pdf
- https://uploads.strikinglycdn.com/files/adc7ed62-8819-403c-aa36-fdeceb097589/how_to_take_detox_organic_apple_cider_vinegar.pdf
- https://uploads.strikinglycdn.com/files/79ee47e9-353a-4dec-ba94-40607f718507/amplifi_tt_instructions.pdf
- https://97783159-ced7-426e-9fbd-60d2bb3342fb.filesusr.com/ugd/00058f_e9d2d6dd39734f7cb4c65b4669435886.pdf?index=true
- https://3633ae4e-9acc-45df-885e-1bfa1481cb44.filesusr.com/ugd/e73054_f2e264234a6b4d46a53fd41eb9285369.pdf?index=true
- https://uploads.strikinglycdn.com/files/690b3856-b334-4f8f-b3d7-8d60c7d91c50/tissot_t-touch_connect_solar_smartwatch_review.pdf
- https://uploads.strikinglycdn.com/files/d14e6f25-23ae-4b1a-a9ab-e8fac3c2a3be/wibelapujinu.pdf
- https://e4da1597-3bb3-488b-9226-7c2c9e06e9ce.filesusr.com/ugd/db5d73_02f7cf62a22e47ac87ccbacaeb14f7c5.pdf?index=true
Open this report in the interactive analyzer, or submit your own file for analysis.