MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF file contains a lure for a software download, indicated by the document body and an embedded URI pointing to a suspicious URL. ClamAV detection as 'Pdf.Phishing.Trojan' further supports malicious intent. The presence of embedded URLs suggests an attempt to redirect the user to a malicious site, likely to download a secondary payload.
Machine Learning
- Nyx PDF Classifier clean score 0.2415
Heuristics 3
-
ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://xezojetit.ru/strik?utm_term=fl+studio+12+free+download+full+version+32+bit PDF link annotation
- https://tatazopizen.weebly.com/uploads/1/3/1/1/131163492/c01e779a2153.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4454824/normal_5fc88a481045b.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4478950/normal_6005380eacf12.pdfIn PDF document text
- https://static.s123-cdn-static.com/uploads/4468536/normal_5feb087616321.pdfIn PDF document text
- https://s3.amazonaws.com/serogajugomiji/zegekokefazosuwiru.pdfIn PDF document text
- http://wurunuj.epizy.com/63497979712.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.