MALICIOUS
194
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 1.0000
Heuristics 5
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image lure linking to an SEO redirector (free-download phishing) high PDF_SEO_UTM_REDIRECTOR_LINKPDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector — the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
-
Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTALThe same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://traffking.ru/aws?keyword=car+audio+speaker+wire+size+calculator In PDF document text
- https://zewosesivate.weebly.com/uploads/1/3/4/5/134591998/49fd7f.pdfIn PDF document text
- https://dogamoduxex.weebly.com/uploads/1/3/4/4/134481485/7196168.pdfIn PDF document text
- http://www.ascendercorp.com/In PDF document text
- http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
- https://uploads.strikinglycdn.com/files/ae826351-670d-4dd5-9d3d-44836cf09b1d/75373963445.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/ac312500-3121-4d04-8971-e47eff586a59/69580584557.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/a85f7724-d362-43a5-9cb0-510de3385548/nutazefobezelogadu.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/69df63e8-0ce4-4476-8602-2d8b709b2aac/aoki_lapis_and_merli.pdfIn PDF document text
- https://s3.amazonaws.com/sizadagazagaj/monosekajevumimukunoraza.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/74b07204-e9b0-46e6-9519-874e8ae10dfa/74090096669.pdfIn PDF document text
- https://s3.amazonaws.com/sukobogixe/dihybrid_punnett_square_practice_problems_problem_a_answer_key.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/d362a67f-e7fa-4e37-ac4f-c0eaf399c855/67077214150.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/91b282df-b1d9-49fe-b773-f64aabdcd595/38914386025.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/ff73d122-636b-48f6-a4d2-0a54a250de07/62220013850.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/3ac72723-3dd4-4561-9b1d-d5601d53aa2a/problemas_ecuaciones_de_segundo_grado_doc.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/696892b7-c059-4a89-a408-538053ce5068/8_prayer_watch_hours.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/0ff98f32-013b-48f7-9ada-0ac652871634/14102316728.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e0616cb0-41af-4e81-8bf6-be616d34131a/lonipitofot.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/da741830-d061-4cd3-ad5a-00514a4aff68/55026455748.pdfIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://ns.adobe.com/xap/1.0/rights/In PDF document text
- http://scripts.sil.org/OFLIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000621e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x621E | 5176 bytes |
SHA-256: 6c0d782a14dd233ce79ea05a93ef9e6cdf2328e32ca9b8d34ac70494b047e7ad |
|||
font_01_sfnt_off000073e4.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x73E4 | 9916 bytes |
SHA-256: afa866e3d72917e0e730c6937572ef19c72c7a6c1969660fecf63aa54dc8eb34 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.