MALICIOUS
124
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains multiple external links, with one prominent URL suggesting a lure for a book download. The heuristic 'PDF_SEO_DISPOSABLE_LINK_FARM' indicates a pattern of using disposable hosting for numerous distinct links, suggesting a phishing or malware distribution campaign. While no scripts were explicitly extracted, the presence of external URIs and the ML classifier's prediction strongly indicate malicious intent.
Machine Learning
- Nyx PDF Classifier malicious score 0.6626
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
Small PDF is a non-clustered link farm on disposable hosting medium PDF_SEO_DISPOSABLE_LINK_FARMSmall PDF contains many clickable external PDF links spread thin across many distinct hosts (no single dominant host), corroborated by a utm_term SEO-redirector link and/or links parked on free/disposable content hosts. This is the 'free document/template' SEO phishing PDF family, which ranks for search queries and routes users into payload/redirect chains, rather than a normal document citation pattern. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://xezojetit.ru/aws?utm_term=the+wave+todd+strasser+full+book+pdf PDF link annotation
- https://jipofaxinevafud.weebly.com/uploads/1/3/4/3/134350183/noxuke.pdfIn PDF document text
- http://muvepifare.mygamesonline.org/mercruiser_5.0_mpi_oil_filter.pdfIn PDF document text
- http://stakingyfi.com/fedukarojejujukon118jn.pdfIn PDF document text
- http://pakirekugep.scienceontheweb.net/vunutitazatagozib.pdfIn PDF document text
- https://xidiziwuzubiwon.weebly.com/uploads/1/3/4/6/134653180/zejosegarukag.pdfIn PDF document text
- http://sfhgfje5df.xyz/cortisone_shot_in_knee_leg_pain6hvce.pdfIn PDF document text
- http://triple-doska1.club/kitchenaid_mixer_ksm150_repair_manualtur2i.pdfIn PDF document text
- http://tobufupevujuma.mygamesonline.org/living_with_the_himalayan_masters_tamil.pdfIn PDF document text
- https://rikutokamalaru.weebly.com/uploads/1/3/4/3/134319242/e93f32055fcc9.pdfIn PDF document text
- https://rababavuve.weebly.com/uploads/1/3/1/8/131871532/wedez.pdfIn PDF document text
- http://widifusi.myartsonline.com/15659526593.pdfIn PDF document text
- https://7f793f8f-877f-420e-851b-8bae9ea62a4d.filesusr.com/ugd/78c764_bdebf0de01c7440b9c2ea194ca0d15ed.pdf?index=trueIn PDF document text
- http://dipuvomefig.epizy.com/11771121800.pdfIn PDF document text
- https://a96990da-dd17-4b11-844c-aba2d588d1b6.filesusr.com/ugd/5e5e7b_ec7eea5e159b4f4da85457653bde1743.pdf?index=trueIn PDF document text
- http://jipizizesotexo.rf.gd/12663823086.pdfIn PDF document text
- https://59548cc9-d6a6-4b2e-bd73-2bfb7290c7b5.filesusr.com/ugd/3fd21f_2c65dc70f25d4963ae0ec591ecb44bad.pdf?index=trueIn PDF document text
- https://dacf5b84-f80e-4bd8-bb7f-22aad20a1cd8.filesusr.com/ugd/285be4_b192efe1fee5496fa5db02734eb82b11.pdf?index=trueIn PDF document text
- http://figofubinodafe.rf.gd/learn_korean_fast_free.pdfIn PDF document text
- http://vuwepowav.epizy.com/24483912849.pdfIn PDF document text
- https://1350f94c-8d6f-42b4-8351-24983ad6a49a.filesusr.com/ugd/4aae87_03ccb177cdb249609b2a4c62c4ade652.pdf?index=trueIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.