MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file was detected as a phishing trojan by ClamAV. It contains multiple embedded URLs, some of which point to PDF files, suggesting a phishing or malware distribution attempt. The document body is heavily obfuscated, preventing a clear understanding of its specific lure, but the presence of external URIs and the ClamAV detection strongly indicate malicious intent. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier suspicious score 0.4209
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://pivotal-technologies.com/userfiles/file/8867306903.pdf In PDF document text
- http://robvancampen.nl/userfiles/file/71407177418.pdfIn PDF document text
- https://nocenzura.space/web/img/podborky/files/sepik.pdfIn PDF document text
- http://alwaditrading.com/userfiles/files/67375998480.pdfIn PDF document text
- https://shopexpert.com/app/webroot/files/userfiles/files/mozateseda.pdfIn PDF document text
- http://www.kliningstroy.ru/wp-content/plugins/formcraft/file-upload/server/content/files/161434b89d26a6---78187840011.pdfIn PDF document text
- https://feedproxy.google.com/~r/1eyvgo/aqOO/~3/FevRqgeaUVY/uplcv?utm_term=wombo+ai+pro+apk+downloadPDF link annotation
Open this report in the interactive analyzer, or submit your own file for analysis.