MALICIOUS
154
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds a large number of external links characteristic of an SEO link farm. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.8642
Heuristics 4
-
ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://nipisod.ru/strik?utm_term=what+is+ticker+symbol+for+s%2526p+500 PDF link annotation
- https://static.s123-cdn-static.com/uploads/4426088/normal_5fefb411e43ba.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4494891/normal_5ff298d0ae338.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4368751/normal_601cfbbacdc5e.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4370307/normal_5fedd52259887.pdfIn PDF document text
- https://s3.amazonaws.com/sorogamat/24133670609.pdfIn PDF document text
- https://6a9ecc2b-05c3-4056-8705-773ae6be8cdd.filesusr.com/ugd/7a359d_56906d85081643b1b2537d76ab9cf9b3.pdf?index=trueIn PDF document text
- https://83f018a0-8e49-44f0-b57e-805e464a5f06.filesusr.com/ugd/10a4aa_bdd4318b05644d08bf0d0ad8d5a5fdb2.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/muvazi/company_intro_presentation_template.pdfIn PDF document text
- https://ab25a8b3-4d80-4d4b-93a1-c1347014fa7c.filesusr.com/ugd/8d0191_e0e84ed7b2dc4f87a4022c37c5a91186.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/xijalovelokolep/bipomunor.pdfIn PDF document text
- https://s3.amazonaws.com/dejazuvorira/east_of_eden_salinas.pdfIn PDF document text
- https://e18e6c05-101e-4f41-9c4d-f518aea09dbb.filesusr.com/ugd/7972b3_8580b0cc55b24256960abf82d82918a6.pdf?index=trueIn PDF document text
- https://d09251a9-b09e-4077-8ccb-24037f005f7b.filesusr.com/ugd/a6ce17_e506ab64b8b24373bfb8d24ff40ddc90.pdf?index=trueIn PDF document text
- https://ba739632-11db-41f7-a023-683a20e55d36.filesusr.com/ugd/99835b_264bf36258604ea4bbeee89b914f021b.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/fosagobomap/home_loan_emi_calculator_excel_sheet.pdfIn PDF document text
- https://ede8a7a3-2377-4e09-926a-401222b31c25.filesusr.com/ugd/81c89d_167cf511e1e144838cf0a1a3c6c273fa.pdf?index=trueIn PDF document text
- https://7c3dd69e-6649-485e-b385-36acc2971cd6.filesusr.com/ugd/cf9ff1_57a67746ad094106ba0ebd72763edd7a.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/sizadagazagaj/libro_alter_ego_b1.pdfIn PDF document text
- https://667abc8f-92ca-45d9-bc9d-789c80a68858.filesusr.com/ugd/dcd78f_96f8e8ae984b4a539f259f5585b3e52a.pdf?index=trueIn PDF document text
- https://s3.amazonaws.com/nafoxuda/wosovukubazuzebunomex.pdfIn PDF document text
- https://441768bb-9839-4df4-8f78-dd1233b527f6.filesusr.com/ugd/7e6080_d55a09765127436fa13ea53dd8dba79a.pdf?index=trueIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.