MALICIOUS
Risk Score: 64
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The file is identified as malicious by ClamAV with a signature indicating it's a phishing trojan. The document body, though heavily obfuscated, contains text related to a 'rythm disposable pen' and is associated with an external URI pointing to a URL that also mentions 'how to use rythm disposable pen'. This suggests a phishing lure. No scripts were extracted, but the PDF structure itself contains embedded URLs, indicating a potential for further malicious activity.
Machine Learning
- Nyx PDF Classifier suspicious score 0.3225
Heuristics (3)
- ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (critical, CLAMAV_DETECTION): ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL. URL: https://cructi.ru/pbw?utm_term=how+to+use+rythm+disposable+pen