MALICIOUS
154
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains a large number of external links, many of which point to other PDFs, suggesting a link farm or SEO poisoning tactic. One prominent URL, 'https://crophysi.ru/award?keyword=machinist+hammer+plans+pdf', is directly associated with the document's apparent theme. The ClamAV detection and ML classifier further indicate malicious intent, likely related to phishing or malware delivery.
Machine Learning
- Nyx PDF Classifier malicious score 0.5074
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://crophysi.ru/award?keyword=machinist+hammer+plans+pdf PDF link annotation
- https://cdn.sqhk.co/zagusebipin/hxhiqgc/puvubogijopufonoduta.pdfIn PDF document text
- https://cdn.sqhk.co/kogewole/jjX6ij9/30430284734.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4393625/normal_5ff21e160abcc.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4481285/normal_5ff3ea2a8e35f.pdfIn PDF document text
- https://cdn.sqhk.co/jojojidatun/a0dZpyx/bezukapopinini.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4405953/normal_6046816666e67.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4420761/normal_604332e5bc299.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4454049/normal_5fdd327e63df1.pdfIn PDF document text
- https://cdn.sqhk.co/xifinelire/jOYxhib/best_deals_on_amazon_prime_day_canada.pdfIn PDF document text
- https://cdn.sqhk.co/lowanivari/9MRgijj/89559080272.pdfIn PDF document text
- https://cdn.sqhk.co/bulunazi/isq8hfv/goal._com_english_premier_league_table.pdfIn PDF document text
- https://s3.amazonaws.com/pusolefosex/51449858304.pdfIn PDF document text
- https://550dfcec-0280-4316-a0d5-68b74a7a20b9.filesusr.com/ugd/f59309_8eab963d6c934654b2d1eff97c9233ad.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/kofabube/21160351749.pdfIn PDF document text
- https://044ec7df-721b-4788-b209-87474a3fcb06.filesusr.com/ugd/60ffa2_11ff2f64d7bf48379a6983b3d8871db8.pdf?index=trueIn PDF document text
- https://24218389-b518-4ca3-8548-65eaf758daa4.filesusr.com/ugd/c836c3_f34cef0ee39b4b6589665cbb9e7e23f0.pdf?index=trueIn PDF document text
- https://09d56968-2ae9-412d-ad86-e67dc63a1c23.filesusr.com/ugd/e8b91f_ef1074d598ea4b65a9b1919cf11e3356.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/lebejos/66007467294.pdfIn PDF document text
- https://s3.amazonaws.com/gurafoga/femaguw.pdfIn PDF document text
- https://s3.amazonaws.com/musoxifuvitalo/icloud_email_address_format.pdfIn PDF document text
- https://s3.amazonaws.com/furunumaroxun/why_is_child_led_learning_important.pdfIn PDF document text
- https://s3.amazonaws.com/jofunozuzof/fimazilijelopis.pdfIn PDF document text
- https://80c8fd16-4cf8-4f9f-b52b-d6c956df8f3b.filesusr.com/ugd/1a94e8_1156fb73aab44e659974691595fb6cdc.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/zoluwivebiro/6809176651.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.