MALICIOUS
172
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF file is identified as malicious by multiple heuristics, including a critical finding for a malicious redirector link. The 'PDF_IMAGE_LURE' heuristic indicates it's an image-only document designed to trick users into clicking, and the embedded URL points to known malicious infrastructure. The ClamAV detection further confirms its malicious nature, classifying it as a phishing trojan.
Machine Learning
- Nyx PDF Classifier malicious score 0.6306
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 48 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://yafferge.ru/award?keyword=bangsamoro+basic+law+pdf+2020
- https://static.s123-cdn-static.com/uploads/4411682/normal_5fdedb644e389.pdf
- https://cdn.sqhk.co/vivutazawi/w0jaibG/london_a_travel_guide_through_time_review.pdf
- http://rowewuxeg.getenjoyment.net/61229826862.pdf
- http://fezatubiwe.getenjoyment.net/80358500627.pdf
- https://cdn.sqhk.co/libegavezu/wgdhhVc/medicinal_plants_startup.pdf
- https://cdn.sqhk.co/pixisuja/xgi4iaE/38416156273.pdf
- http://radanews.site/hanging_tree_piano_sheet_music_easyudq51.pdf
- https://cdn.sqhk.co/dalubevemex/n5I0hhW/77604514101.pdf
- https://cdn.sqhk.co/vilitemeru/igTEngf/blue_bottle_fly_infestation.pdf
- https://cdn.sqhk.co/gusiloxi/i4dggg8/bricks_breaker_king_level_238.pdf
- https://static.s123-cdn-static.com/uploads/4426953/normal_5fe4659098fe4.pdf
- https://cdn.sqhk.co/wewidipo/42HIPje/25402379816.pdf
- https://cdn.sqhk.co/joxezexukub/icssFjc/raxanaxiroti.pdf
- https://cdn.sqhk.co/fetebutujo/WhghaFR/46905167036.pdf
- https://cdn.sqhk.co/guzoladip/gdhehgu/27967762651.pdf
- http://vashe-zdorovie.xyz/s_class_fighter_no_mans_skyd98k4.pdf
- https://static.s123-cdn-static.com/uploads/4458163/normal_5fcd2711267f6.pdf
- https://static.s123-cdn-static.com/uploads/4471109/normal_5fec3191ed890.pdf
- http://nunovoxiwanafuz.getenjoyment.net/niwulowusajipasitim.pdf
- http://bitcoins-profits.com/54231517943rzq5a.pdf
- https://cdn-cms.f-static.net/uploads/4444371/normal_5fdabc7df2dab.pdf
- https://uploads.strikinglycdn.com/files/6d3c29ba-b13d-47e8-8794-b1d1aa4986b0/sujagitikonori.pdf
- http://lanosebezazov.onlinewebshop.net/38549639646.pdf
- https://uploads.strikinglycdn.com/files/3e38bd60-7362-4ce1-b5f6-99c0c0a374ab/zakejubewogusasek.pdf
- http://jumepenitujox.atwebpages.com/71509677780.pdf
- https://uploads.strikinglycdn.com/files/33b4a267-4dcc-4e2b-9b9e-3abecddf99bf/whirlpool_fridge_ice_maker_not_working_but_water_does.pdf
- https://uploads.strikinglycdn.com/files/d07aaec2-6eff-4519-ba6c-11363921334b/91669006912.pdf
- https://uploads.strikinglycdn.com/files/31b86b8f-8e83-4569-9e2d-7453d8792d47/67378127348.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.