MALICIOUS
94
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.007 JavaScript
This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds external URLs that direct users to attacker-controlled resources. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.8479
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://dafemum.ru/award?keyword=america+the+story+of+us+rebels+worksheet+pdf PDF link annotation
- http://fibutogu.mywebcommunity.org/bottlehead_crack_manual.pdfIn PDF document text
- http://vomimaforotagi.mywebcommunity.org/what_does_af_mean_on_my_maytag_dryer.pdfIn PDF document text
- http://lestyprin.online/sentry_safe_key_and_combinationc59zn.pdfIn PDF document text
- http://temimiwug.iblogger.org/applied_social_science_book.pdfIn PDF document text
- http://lienforkid.com/night_killer_serial_killerdjdy5.pdfIn PDF document text
- http://digitalmedialit.com/53631917365wucl9.pdfIn PDF document text
- http://naturmilans.fun/who_is_the_killer_in_the_killing_season_1_danishi3pw6.pdfIn PDF document text
- http://www.ascendercorp.com/In PDF document text
- http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
- https://1dab3517-3db0-43ff-9fd6-b65b51f65b60.filesusr.com/ugd/565485_406608db355d4e39a16c687989a4cc2f.pdf?index=trueIn PDF document text
- http://nomagupave.rf.gd/44610565159.pdfIn PDF document text
- https://8d537faf-e869-4ed9-a29f-988560fab1dc.filesusr.com/ugd/0cce51_cbdd8b5b7ac34b2f8a7c83106747071c.pdf?index=trueIn PDF document text
- http://vimodamugirad.rf.gd/lixifoduvekomumaba.pdfIn PDF document text
- https://945b3f91-9c76-4178-be32-f0dab3cfe2c6.filesusr.com/ugd/8d5d69_66ed2755bfd448fbb93e69bf7d3e6c65.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/zuwosil/numerical_techniques_in_electromagnetics_with_matlab.pdfIn PDF document text
- https://s3.amazonaws.com/buwosevax/14478807684.pdfIn PDF document text
- https://s3.amazonaws.com/zarusegibitumet/sed_and_awk_101_hacks_download.pdfIn PDF document text
- http://didexivuguw.rf.gd/46819241719.pdfIn PDF document text
- https://042e50b4-45d0-4577-915a-c14d43ab21ad.filesusr.com/ugd/18f527_4664770d2a6346c9a7aa4115f7bfe923.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/gozilum/animation_photo_frames_app.pdfIn PDF document text
- https://s3.amazonaws.com/xijalovelokolep/we_were_liars_summary_chapter_11.pdfIn PDF document text
- https://s3.amazonaws.com/jonora/tupajitofadelegabuv.pdfIn PDF document text
- https://1ce8651a-bfbb-4b9a-b1bf-24b3b574775a.filesusr.com/ugd/ac72e0_fe738374a4fa4a218b9673bd26b68e6e.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/defujo/side_lengths_of_a_triangle_worksheet.pdfIn PDF document text
- http://scripts.sil.org/OFLIn PDF document text
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000fc53.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xFC53 | 5784 bytes |
SHA-256: a61412fbe3e56345090cdda4435e94a9a76c93adf0d02456389bd462916a1737 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.