Malicious PDF — malware analysis report

Static analysis result for SHA-256 c07bff098f8dcda4…

MALICIOUS

PDF

Size: 41.5 KB
Created: 2021-09-04 08:27:43 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 5.11.3)
First seen: 2021-10-05
MD5: 59ac07bb519dcfcf660c1e98e5b11d91
SHA-1: dbc57d2867bcccb83574a0e5fc4d1ee7eb1eabbf
SHA-256: c07bff098f8dcda46fa5ba15a04285d593ff6384ba2f63018541a2728f4bc284
Risk Score: 64

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The ClamAV heuristic identified this PDF as a phishing trojan. While no executable scripts were found, the PDF contains an embedded URI that points to an external resource. This suggests the file's primary function is to lure the user to a compromised or malicious website, likely for credential harvesting or further malware delivery.

Machine Learning

  • Nyx PDF Classifier suspicious score 0.3406

Heuristics 3

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL: https://feedproxy.google.com/~r/1eyvgo/aqOO/~3/FevRqgeaUVY/uplcv?utm_term=olympus+film+camera+manual (channel: PDF link annotation)