MALICIOUS
192
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains a link farm designed to redirect users to various "free download" PDFs, with the primary redirector pointing to a malicious URL. This tactic is commonly used in phishing campaigns to distribute malware or lead users to scam pages. The ML classifier also strongly indicated maliciousness.
Machine Learning
- Nyx PDF Classifier malicious score 0.9985
Heuristics 4
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image lure linking to an SEO redirector (free-download phishing) high PDF_SEO_UTM_REDIRECTOR_LINKPDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector — the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://ttraff.cc/aws?keyword=adaptive+control+system+book+pdf In PDF document text
- https://cdn.shopify.com/s/files/1/0482/7168/7835/files/how_much_does_500_kg_in_pounds.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0504/4682/7694/files/tap_tap_heroes_mod_apk_unlimited_everything.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0440/3265/5525/files/secret_life_of_bees_questions_and_answers.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0266/8681/6450/files/dragon_quest_xi_english_guide.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/b1713ada-c8ea-4111-8383-ab7a04506093/47934147980.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e3dd1c68-5247-4e61-8c34-71cea98510cd/far_cry_4_free_download_for_pc_full_version_with_crack.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/8176f6d7-df2e-4c45-b50b-aa1167a87b64/ejemplo_de_balanceo_de_lineas.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/2e26ee0e-9397-4281-a37d-99d9f532bc94/58304081361.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/31127848-2a35-4e0e-b453-91bc1e36042f/50017867739.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/33f69390-763c-48f6-bd90-99d0470f8bdb/lupemimuneretutidexos.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/69c9bd70-cacb-4c03-a1a8-697ab55ef196/82514824737.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/c6967157-5382-4283-bd22-ab4abac77901/pokemon_theta_emerald_emulator_downl.pdfIn PDF document text
- https://s3.amazonaws.com/mijedusovineti/jozexafizugotulok.pdfIn PDF document text
- https://s3.amazonaws.com/vavebufevodutob/36299189303.pdfIn PDF document text
- https://s3.amazonaws.com/henghuili-files/space_lattice.pdfIn PDF document text
- https://s3.amazonaws.com/zidosozawok/24039961802.pdfIn PDF document text
- https://s3.amazonaws.com/wibedubosateg/aaf_bag_filter_catalogue.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.