Malicious PDF — malware analysis report

Static analysis result for SHA-256 f0323b567ce0a3d1…

MALICIOUS

PDF

Size: 259.7 KB
Created: 2021-08-11 20:18:17 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 5.11.3)
First seen: 2021-09-18
MD5: 9e69c7cece72bffd2f85c467e6e6ef91
SHA-1: 568f43dea24ec6722d9f81e4b31d1de6b660f93a
SHA-256: f0323b567ce0a3d1426c631441cf4ffac07074edd8df82dd0174bf16b85ce530
Risk Score: 64

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious File

The file was identified by ClamAV as Pdf.Phishing.Trojan, indicating a phishing or malware distribution attempt. The embedded URI, while flagged as confirmed benign, is associated with the malicious detection. The PDF structure and the ClamAV signature strongly suggest this file is part of a phishing campaign or a malware delivery mechanism.

Machine Learning

  • Nyx PDF Classifier clean score 0.0597

Heuristics 3

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://feedproxy.google.com/~r/1eyvgo/aqOO/~3/BkSY9tpko7c/uplcv?utm_term=drawing+atoms+worksheet+pdf+answer+key PDF link annotation