Is this PDF a malware?

youngestmoonstar

Hello, a few days ago i runned an AML check of one of my BTC address, since I had to exchange some funds, i wanted to make sure they were "clean" before spending them, so yea, i found that telegram bot, entered my BTC address, runned the aml check then downloaded the PDF.

The thing is: the PDF runned itself right away the download, which is sus for me, what if that pdf was malicious and the auto-run was added for the sole reason of infecting the customers?

I've loaded it on virustotal, im a long term user of Bitdefender, which in this case, detected nothing, i trust it, however I would love to see an human check about it as I have really sensitive info on my PC, please help me :(

Virustotal link: https://www.virustotal.com/gui/file/09dbb9e2afbb59d444672d56e9cfc093b3ca656de9d41da7fa9dcc51b4f91377/detection

Flexx

To add here, this is what I found over the web.

The string "bc1qpscyfr36xjqzee8wvqwyczmfgvns6hr85uhv0q" is in the format of a Bitcoin address using the Bech32 (SegWit) format. Here's a breakdown:

• bc1: Indicates it's a Bech32 (SegWit) address, which is native to Bitcoin.
• q...0q: The rest is the unique identifier for this specific Bitcoin wallet.

This address format is generally more efficient and secure, designed for SegWit transactions. It’s not a blockchain itself but rather an address used to send or receive Bitcoin on the Bitcoin blockchain.

The PDF might be related to a cryptocurrency transaction, a wallet address, or some documentation involving Bitcoin.

Regards

Gjoksi

Hello.

Only the anti-malware researchers at Bitdefender Labs can help you with the issue.

You should report the file as false negative to Bitdefender Labs here:

https://www.bitdefender.com/consumer/support/answer/29358/

Regards.