MALICIOUS
194
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 1.0000
Heuristics 5
-
PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINKPDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image lure linking to an SEO redirector (free-download phishing) high PDF_SEO_UTM_REDIRECTOR_LINKPDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector — the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
-
Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTALThe same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://cctraff.ru/aws?keyword=free+keto+diet+for+beginners+pdf In PDF document text
- https://cdn-cms.f-static.net/uploads/4369782/normal_5f8b02d4abcaa.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4375071/normal_5f9456ce50fdb.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4386618/normal_5f93b75b24085.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4388040/normal_5f906ae266c0f.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4386080/normal_5f91c6e06dc7e.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4369305/normal_5f8de407aee75.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4367303/normal_5f916702f2ed3.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4381318/normal_5f8c9ac8c1db6.pdfIn PDF document text
- https://cdn-cms.f-static.net/uploads/4379038/normal_5f8d36f68bf92.pdfIn PDF document text
- http://www.ascendercorp.com/In extracted file (font_00_sfnt_off00007680.bin)
- http://www.ascendercorp.com/typedesigners.htmlIn extracted file (font_00_sfnt_off00007680.bin)
- https://uploads.strikinglycdn.com/files/602e46f4-251c-4711-96cf-3d490e6654dd/sarrainodu_2017_movie_download.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/2c8be6c2-7a50-47cc-8a63-e6b4a29d3e23/jisaxakoxefatuxekepiduf.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/36d036a1-7f8c-4691-bb27-6d00dfd46d8e/rexulisifi.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/847f96f1-ae3b-44f0-ac5d-a58a41ce3d78/tanewime.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0498/7859/7790/files/48839443211.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0432/6211/6008/files/6104055765.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0266/9749/8793/files/honor_8x_android_10_update_date.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0499/8791/1830/files/binen.pdfIn PDF document text
- https://cdn.shopify.com/s/files/1/0504/3870/1206/files/jazz_piano_lessons_for_beginners.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/2a644bb2-8604-42de-a142-c8a1250b3f58/ejercicios_modulo_de_young.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/5c51ee40-52c0-49d3-a0a6-dcf6b0d23d5c/87554974827.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/12636901-7169-48eb-b931-68ae88b305c0/44278988941.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/faa6b76b-2c6f-4d8c-8254-51355220379e/duxinororilexarudali.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/e9285b14-0f2b-4c1c-81de-3487dbd2a3bc/29899172182.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/81f1c6c5-c806-4b6c-85b7-f7d566b07aa1/51816418528.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/8734d7b9-286b-41d8-9c10-3e8d1e2100a5/39409014464.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/7b2efbcd-4ceb-42e5-8d19-06c036273631/sazisuve.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/a17a2345-ab4c-45f9-a743-00d2dce4906f/flli_menegatti_jewelry.pdfIn PDF document text
- https://uploads.strikinglycdn.com/files/1656cbe3-eca9-4c59-bf3c-86ba5e0848df/23274015325.pdfIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://ns.adobe.com/xap/1.0/rights/In PDF document text
- http://scripts.sil.org/OFLIn extracted file (font_00_sfnt_off00007680.bin)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00007680.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x7680 | 5128 bytes |
SHA-256: a3882f3b168e1f8e1fc0bf7f3269425275db03240f3eacda5449af086c86c0c9 |
|||
font_01_sfnt_off00008807.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8807 | 10772 bytes |
SHA-256: 09a89756e8acfa9828eb153b572a4cce1c737fcf198849086ae1ffee8142a4fa |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.