MALICIOUS
Risk Score: 84
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
T1204.002 Malicious Link
The PDF document contains a high-severity heuristic firing for a random URL link, directing users to a suspicious domain. Additionally, a password-protected archive lure heuristic indicates the document is designed to trick users into decrypting a payload. The embedded URLs suggest a download or exploit delivery mechanism.
Machine Learning
- Nyx PDF Classifier clean score 0.0187
Heuristics (4)
- PDF link to algorithmically-generated URL (high, PDF_RANDOM_URL_LINK): PDF contains a clickable HTTP(S) link whose host looks algorithmically generated (pronounceable-random labels) and whose path/query carries a long high-entropy token. This is the randomized-redirector pattern of malspam phishing lures, where the visible document is only a prompt, not a PDF parser vulnerability.
- Password-protected archive handoff (high, SE_PASSWORD_ARCHIVE_LURE): Document gives password instructions for an archive or attachment, often used to keep payloads encrypted until after gateway scanning.
- External URI (info, PDF_URI): PDF contains an external URL action.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.