MALICIOUS
Risk Score: 134
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is a PDF document that matches a heuristic for phishing lures: it uses an image to redirect users to a URL. The embedded URL `https://bologen.ru/award?keyword=plantation+d+arachide+pdf` is identified as a potential phishing or malware download site. ClamAV also detected this file as `Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0`, further supporting its malicious nature.
Machine Learning
- Nyx PDF Classifier malicious score 0.6969
Heuristics 4
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- Image lure linking to an SEO redirector (free-download phishing) (high, PDF_SEO_UTM_REDIRECTOR_LINK): PDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector. This is the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
- https://bologen.ru/award?keyword=plantation+d+arachide+pdf (PDF link annotation)