MALICIOUS
120
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1200 Hardware Add-in Systems
The PDF file contains a large number of embedded links, with one specifically identified as a malicious redirector. The document body, though heavily obfuscated, contains text related to a game trophy guide and the authoring application, suggesting a lure. The presence of numerous external links, including one pointing to a known malicious redirector at 'https://ttraff.com/wix?keyword=devil+may+cry+5+trophy+guide', indicates a likely attempt to direct users to harmful content.
Heuristics 3
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://ttraff.com/wix?keyword=devil+may+cry+5+trophy+guide
- https://static.usrfiles.com/ugd/f09a9d_486f9d6cb8014effb6be581c5c3e8947.pdf
- https://static.usrfiles.com/ugd/19103d_48b3b0c35c0742d4a72bc68c69ec1ec9.pdf
- https://static.usrfiles.com/ugd/8a419d_417e5de7174642fba939f685fd32f060.pdf
- https://static.usrfiles.com/ugd/87a178_45ecf1bda84e45c6b63c68a9cadad625.pdf
- https://static.usrfiles.com/ugd/902d29_5e0acd24a09341c8ac09d9617fae7793.pdf
- https://static.usrfiles.com/ugd/07625c_6a5a7d7612a4476fa3189c899de195d8.pdf
- https://static.usrfiles.com/ugd/67f5f7_ddc6fed045f445e6a2a457e87eb60b3b.pdf
- https://static.usrfiles.com/ugd/6290de_d1abfb608b0f43a7bc5148c7da8ff5c8.pdf
- https://static.usrfiles.com/ugd/b8c837_8a5556bc64c6445db763bc5047ee6aeb.pdf
- https://static.usrfiles.com/ugd/0d9a50_03f317de96284d289fdb3e43aa15b7df.pdf
- https://static.usrfiles.com/ugd/8a419d_994eeb4157c54e7586127f8257b1f104.pdf
- https://static.usrfiles.com/ugd/b8c837_5cdb85e260694944968d6c7e18b42741.pdf
- https://static.usrfiles.com/ugd/defcb2_2fa410c26e4a42fd8b97e6527374643f.pdf
- https://static.usrfiles.com/ugd/0df15e_6d1d31cd0cdb4b199919999bee2286a9.pdf
- https://cdn.shopify.com/s/files/1/0454/6409/2822/files/caravan_encyclopedia_of_general_knowledge_2020.pdf
- https://cdn.shopify.com/s/files/1/0433/6589/2245/files/kedoxiwo.pdf
- https://cdn.shopify.com/s/files/1/0431/0378/1015/files/you_can_win_book.pdf
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/xap/1.0/mm/
- http://ns.adobe.com/xap/1.0/rights/
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00007d68.bin1436ff9f3b338c62a3b51f0da63b45c21dc18c42c5fecdcc696fb75c8f817c6f |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x7D68 | 5596 bytes |
font_01_sfnt_off00009055.binbb1addefaf28bf4bcf4e5ea60d0fa60a41a6fedffc21db9873e67b96cb74a26f |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x9055 | 10792 bytes |
Open this report in the interactive analyzer, or submit your own file for analysis.