MALICIOUS
92
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic, suggesting a link farm or distribution mechanism. While the document body is heavily corrupted, the presence of numerous links to book PDFs hosted on a dynamic DNS domain indicates a likely attempt to manipulate search engine results or distribute potentially malicious content. The ML classifier also flagged this PDF as malicious.
Machine Learning
- Nyx PDF Classifier malicious score 0.9891
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://xiixmcuin.linkpc.net/6209204207202200/A-John-Dickson-Carr-Trio-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2202209204203203/Papa-La-Bas-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2206208203209206/Captain-Cut-Throat-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/1201205204201202/Fire-Burn-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2206208205206200/The-Witch-of-the-Low-Tide-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/1201202205201208206/Der-Teufel-in-Samt-Roman-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2206208201208200/The-Hollow-Man-Dr-Gideon-Fell-6-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2203207200207202/Castle-Skull-Henri-Bencolin-2-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2208209201200206/The-Crooked-Hinge-Dr-Gideon-Fell-8-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/3206201202200207/The-Corpse-in-the-Waxworks-Henri-Bencolin-4-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2202207208200204/The-Case-of-the-Constant-Suicides-Dr-Gideon-Fell-13-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/4209202202208203/Till-Death-Do-Us-Part-Dr-Gideon-Fell-15-by-John-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/2201208200202208/Ripped-by-Shelly-Dickson-Carr.pdf
- http://xiixmcuin.linkpc.net/7209209209206202/A-Murder-Most-Macabre-by-Edmund-Glasby.pdf
- http://xiixmcuin.linkpc.net/6209200204203207/A-Figure-of-Speech-A-Festschrift-for-John-Laver-by-Ann-Taket-Barter-Godfrey.pdf
- http://xiixmcuin.linkpc.net/4202205209200206/Shades-of-Murder-Mac-Faraday-Mystery-3-by-Lauren-Carr.pdf
- http://xiixmcuin.linkpc.net/9209207203208208/Twelve-to-Murder-Mac-Faraday-Mystery-7-by-Lauren-Carr.pdf
- http://xiixmcuin.linkpc.net/6209204207201208/The-Adventures-of-Dickson-McCunn-by-John-Buchan.pdf
- http://xiixmcuin.linkpc.net/4205200207209203/Hearing-Her-Voice-A-Case-for-Women-Giving-Sermons-by-John-Dickson.pdf
- http://xiixmcuin.linkpc.net/5204207208203200/The-Beat-Killer-A-Biography-of-Beat-Writer-Lucien-Carr-and-Riverside-Park-Murder-by-James-Fritz.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.