MALICIOUS
94
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.007 JavaScript
The file is identified as malicious by ML classifiers and ClamAV, specifically as a phishing trojan. It contains an embedded URI pointing to a suspicious domain, likely intended to deliver a malicious payload or redirect the user to a phishing site. The document body, though heavily obfuscated, suggests a lure related to diet recipes, a common tactic for phishing and scams.
Machine Learning
- Nyx PDF Classifier malicious score 0.7073
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://zajinet.ru/award?keyword=zero+belly+diet+smoothie+recipes+pdf
- http://lalabomujulimof.mywebcommunity.org/fopotewixemojalisulalet.pdf
- http://devlp.design/chronicles_of_narnia_older_moviesdhpug.pdf
- http://goodsun.space/concepto_de_salud_segun_la_oms_actualizadoecgra.pdf
- https://cdn-cms.f-static.net/uploads/4421462/normal_6045489068f1b.pdf
- http://hookup154.site/change_management_theories_in_nursingmeui5.pdf
- http://milanomoda-italy.site/castle_hustle_arena_strategyhnq0b.pdf
- http://idealica-italiaoficial.site/voverepewegenemixozidujilk3x4.pdf
- https://cdn-cms.f-static.net/uploads/4485153/normal_6048171a3cf5d.pdf
- http://fotubobuwenapu.scienceontheweb.net/asus_xonar_d2_pm_drivers.pdf
- http://vowufijetapiko.sportsontheweb.net/32880558256.pdf
- https://cdn-cms.f-static.net/uploads/4458124/normal_60100bf8266eb.pdf
- https://cdn-cms.f-static.net/uploads/4479462/normal_6042e16bd7ba7.pdf
- https://cdn-cms.f-static.net/uploads/4410199/normal_601cc0f87e431.pdf
- https://cdn-cms.f-static.net/uploads/4450727/normal_5fda3ded9f47a.pdf
- https://cdn-cms.f-static.net/uploads/4422386/normal_602982e1c34bd.pdf
- http://www.ascendercorp.com/
- http://www.ascendercorp.com/typedesigners.html
- http://bifiwapaz.onlinewebshop.net/beats_by_dre_solo_3_on-ear_wireless_headphones_-_red.pdf
- http://wumugajus.onlinewebshop.net/xukikowaxumurovo.pdf
- https://67bb8873-ca08-4da4-87c0-60a8072ebff6.filesusr.com/ugd/a838c0_9acf5f11ef44427082fbc7edd0adf9a9.pdf?index=true
- https://uploads.strikinglycdn.com/files/a53f0d66-3fbf-4237-84c8-c8ca7ce4df48/niliruparufudu.pdf
- https://uploads.strikinglycdn.com/files/46b7a40a-ca96-4646-83c3-c5b564ac0591/97042289735.pdf
- https://cceb078e-1df6-42b0-9e12-359f30e42f1d.filesusr.com/ugd/e8506d_c106663ae998478ba79d50a2d9f44607.pdf?index=true
- https://uploads.strikinglycdn.com/files/f9b5ebf2-3cb3-4282-ab61-0ff6be826ec3/jurojeke.pdf
- https://uploads.strikinglycdn.com/files/2940c030-9da8-4d0a-9e48-d627d3afd46e/the_theory_and_practice_of_oligarchical_collectivism_by_emmanuel_goldstein.pdf
- https://a91873a8-1f5b-4151-915d-af39eb211f25.filesusr.com/ugd/3f80ec_02e95203b1f64aeab14b93ffe6d2ca58.pdf?index=true
- https://uploads.strikinglycdn.com/files/9a7ebddb-5e88-4b4f-be1d-88a6074fb5ee/lasisekij.pdf
- http://scripts.sil.org/OFL
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000e1e0.bincaac17b3f7e451f59febfb8a2cdf9c7a0e8c5fd898977f2e4f561747b115fc0d |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xE1E0 | 5384 bytes |
Open this report in the interactive analyzer, or submit your own file for analysis.