Malware Insights
The PDF file contains a large number of external links, identified by the PDF_SEO_LINK_FARM heuristic, suggesting it is part of a link farm or designed to host malicious content. One of the extracted URLs, https://ponafet.ru/strik?utm_term=maytag+appliance+repair+green+bay+wi, is presented in the document body and is likely a lure. ClamAV detection and ML classification also indicate maliciousness. While no scripts were explicitly extracted, the presence of numerous external links and the nature of the PDF_SEO_LINK_FARM heuristic suggest potential for JavaScript execution or redirection to malicious sites.
Machine Learning
- Nyx PDF Classifier malicious score 0.6421
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://ponafet.ru/strik?utm_term=maytag+appliance+repair+green+bay+wi PDF link annotation
- https://cdn.sqhk.co/vavetiset/idKOifY/sobavesaxaxonurevaluve.pdfIn PDF document text
- http://photoforce.ru/18001224271q9btk.pdfIn PDF document text
- http://info-pages.ru/33906523093zna9.pdfIn PDF document text
- http://adachivia.store/a_little_life_bookansnn.pdfIn PDF document text
- https://cdn.sqhk.co/wofunukasu/haigRii/i_wish_you_were_here_meaning.pdfIn PDF document text
- http://duvazejezirofid.22web.org/79109496261.pdfIn PDF document text
- http://latencfsrt.space/apk_ipa_brawl_stars_private_server2unlh.pdfIn PDF document text
- http://winoorama.website/10145739668dyng7.pdfIn PDF document text
- https://cdn.sqhk.co/gedugari/jtTkTr8/c_v_t_full_form.pdfIn PDF document text
- http://dafolilujoxupan.rf.gd/xivexux.pdfIn PDF document text
- https://s3.amazonaws.com/baritexovopa/restaurant_flyer_template_word_free.pdfIn PDF document text
- https://s3.amazonaws.com/leributafa/owners_manual_for_samsung_tv.pdfIn PDF document text
- https://s3.amazonaws.com/palikuvexake/dell_poweredge_t30_datasheet.pdfIn PDF document text
- https://6ec3981f-6443-463b-a164-91fc69f101d9.filesusr.com/ugd/7603ae_38652db9f1084cb2864d52337d9f5c2e.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/wujafivabipo/kokepotesuviw.pdfIn PDF document text
- https://s3.amazonaws.com/nabifovu/zisapewuzitegefipib.pdfIn PDF document text
- http://vivijar.epizy.com/what_is_green_revolution_in_the_philippines.pdfIn PDF document text
- https://5d3a3edc-1384-4eb0-a354-174dd54c13aa.filesusr.com/ugd/7f5dc5_013649e802d44e948cc5e0bac9c677cc.pdf?index=trueIn PDF document text
- http://rarobijeriv.rf.gd/cissp_exam_guide_shon_harris.pdfIn PDF document text
- https://s3.amazonaws.com/remuv/absite_smackdown.pdfIn PDF document text
- http://wujikefixazoni.epizy.com/26097468775.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.