MALICIOUS
174
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF is identified as malicious by ClamAV and ML classifiers, and exhibits characteristics of a phishing lure. It contains numerous external links, with one prominent URL pointing to a potential phishing or malware distribution site. The document's structure, being image-heavy with minimal text, suggests it's designed to trick users into clicking through to malicious content.
Machine Learning
- Nyx PDF Classifier malicious score 0.6379
Heuristics 5
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 47 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://xajibur.ru/award?keyword=bank+teller+interview+questions+and+answers+examples+pdf
- https://cdn.sqhk.co/kebabefepu/ihpEEZh/hungry_shark_world_hack_appvalley.pdf
- http://pemegira.22web.org/giset.pdf
- https://cdn.sqhk.co/sozodumupof/gdbmYwH/xegabov.pdf
- http://wigojedanuzuvig.iblogger.org/26400798033.pdf
- https://cdn.sqhk.co/bajipugotox/0geshi7/software_development_business_plan_doc.pdf
- https://cdn.sqhk.co/zodozane/xSghhgO/atif_aslam_new_song_2019_audio.pdf
- https://cdn.sqhk.co/neviragar/CXWPQhh/smash_bros_switch_price.pdf
- https://jedunifoxawixe.weebly.com/uploads/1/3/4/4/134458330/6eafa957efa209.pdf
- https://cdn.sqhk.co/nabixisaf/txjfbhe/cubamessenger_apk_descargar.pdf
- https://diritirafimiwav.weebly.com/uploads/1/3/4/3/134376035/7a9641dff3.pdf
- https://lopadedabebaf.weebly.com/uploads/1/3/4/8/134897987/pulonasinexer.pdf
- http://suwivewewidi.22web.org/dinozelox.pdf
- https://zegoliro.weebly.com/uploads/1/3/2/3/132303320/zekexikoboza.pdf
- https://cdn.sqhk.co/xafeperale/gidfNhb/new_horizon_fitness_center.pdf
- http://mimawusavap.iblogger.org/beelzebub_sub_indo_batch.pdf
- https://cdn.sqhk.co/tisewesir/Ghbjgdf/royalty_free_music_free_download_background_music.pdf
- https://jekufagiz.weebly.com/uploads/1/3/0/7/130739150/zakunug-pamejavu-kavakotideja-rilupora.pdf
- https://cdn.sqhk.co/dixufeja/mI0iihi/besozetomefigumofi.pdf
- http://tovedutineve.rf.gd/graphene_nanosheets_powder.pdf
- https://e691ad07-92dc-45fa-af10-8929b4045ede.filesusr.com/ugd/87b9a8_3e57f55dbf774439952ebb4a803e24f1.pdf?index=true
- https://7162f0c1-3bb2-4775-9ad2-1e34613fb889.filesusr.com/ugd/595093_24c3d769467c4bbcaa43d5a1f92c45be.pdf?index=true
- http://diwozonez.epizy.com/spd_sx_drum_pad.pdf
- http://febatejo.rf.gd/50519244574.pdf
- http://gogidovegesoxe.epizy.com/fetovupifo.pdf
- http://jugorufu.epizy.com/lejizokonapivolim.pdf
- http://sanusowadatuj.epizy.com/jowufigonakumuseniv.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.