MALICIOUS
Risk Score: 172
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1203 Exploitation for Client Execution
This PDF document is designed as a phishing lure, presenting a screenshot to entice users to click a link. The embedded link, https://yafferge.ru/aws?utm_term=structure+of+textula, is identified as a malicious redirector. The document's structure and the presence of a malicious link strongly indicate a phishing attack aimed at redirecting users to a compromised site.
Machine Learning
- Nyx PDF Classifier: malicious score 0.8241
Heuristics (4)
- PDF links to known malicious redirector infrastructure (critical, PDF_MALICIOUS_REDIRECTOR_LINK): PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- Image-only document with action trigger (screenshot lure) (medium, PDF_IMAGE_LURE): PDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 55 KB (typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL).
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL. URL: https://yafferge.ru/aws?utm_term=structure+of+textula