PDF malware analysis — malicious · fabc1112097e52fc

MALICIOUS

PDF

159.2 KB

MD5: dcb199fdaf4bcda15af6d802ba1a790e SHA-1: d4aa1a95f9180ef073f35307c908613303f5f4ce SHA-256: fabc1112097e52fc90146c912eb744c3b2e56cb53abc91ebe8b7dd461627e7c5

80 Risk Score

Malware Insights

MITRE ATT&CK

T1204 Malicious Link T1204.001 Malicious Link: User Execution

The PDF file is identified as an image-only lure, typical of phishing attacks designed to trick users into clicking a link. The critical heuristic confirms a direct link to an executable or archive payload. The link points to 'nuriaperaire.com', suggesting a download of malicious content.

Machine Learning

Nyx PDF Classifier clean score 0.0002

Heuristics 2

PDF link points directly to executable/archive payload critical PDF_DIRECT_PAYLOAD_LINK

PDF contains a clickable HTTP(S) URI whose path ends in an executable, script, shortcut, disk image, or archive extension. Documents can legitimately link to installers, so this is a high-risk delivery indicator rather than a standalone exploit fingerprint.
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LURE

PDF has 2 image(s), only 2 text block(s), carries a click-outward action, and is only 159 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.

Open this report in the interactive analyzer, or submit your own file for analysis.