MALICIOUS
92
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF was flagged by a machine learning classifier and contains a large number of embedded external links, a technique often used for SEO manipulation or to redirect users to malicious sites. While the extracted URLs are currently marked as benign, the sheer volume and the heuristic firing indicate a suspicious pattern. No scripts were extracted from this sample, limiting further analysis of its direct payload.
Machine Learning
- Nyx PDF Classifier malicious score 0.9910
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://unieoooq.linkpc.net/64e14e84e94e34e5/The-Luberon-Garden-A-provencal-story-of-Apricot-Blossom-Truffles-and-Thyme-by-Alex-Dingwall-Main.pdf
- http://unieoooq.linkpc.net/14e14e74e34e44e54e0/Justin-Thyme-The-Tartan-of-Thyme-1-by-Panama-Oxridge.pdf
- http://unieoooq.linkpc.net/34e34e94e54e14e9/Buying-Thyme-Thyme-Trilogy-1-by-T-J-Hamilton.pdf
- http://unieoooq.linkpc.net/24e24e04e84e54e8/Buying-Thyme-Thyme-Trilogy-1-by-T-J-Hamilton.pdf
- http://unieoooq.linkpc.net/14e04e64e34e84e14e0/Weinort-in-Franken-Schweinfurt-Aschaffenburg-Albertshofen-Wurzburg-Zeil-Am-Main-Kitzingen-Worth-Am-Main-Gemunden-Am-Main-by-Quelle-Wikipedia.pdf
- http://unieoooq.linkpc.net/14e54e14e84e44e1/The-Mystery-of-Dragon-Bridge-A-Peach-Blossom-Village-Story-by-Ann-Howard.pdf
- http://unieoooq.linkpc.net/14e04e34e44e74e44e8/Strasse-Rhein-Main-Strasse-in-Frankfurt-Am-Main-Strasse-in-Hanau-Strasse-in-Offenbach-Am-Main-Strasse-in-Wiesbaden-Zeil-by-Quelle-Wikipedia.pdf
- http://unieoooq.linkpc.net/74e04e24e84e04e4/Treasure-Island-A-Story-of-the-Spanish-Main-Barnes-amp-Noble-Classics-by-Robert-Louis-Stevenson.pdf
- http://unieoooq.linkpc.net/94e14e74e84e14e6/Flaneure-in-Berlin-Und-Frankfurt-Am-Main-Urbane-Muigganger-in--Spazieren-in-Berlin--Und--Tarzan-Am-Main--by-Nelly-Bachmann.pdf
- http://unieoooq.linkpc.net/94e14e84e74e04e5/Popcorn-Poppin-on-the-Apricot-Tree-by-Faith-Paulus.pdf
- http://unieoooq.linkpc.net/44e74e24e94e04e6/White-Truffles-in-Winter-A-Novel-by-N-M-Kelby.pdf
- http://unieoooq.linkpc.net/54e34e34e44e44e8/Cherry-Blossom-Girls-3-Cherry-Blossom-Girls-3-by-Harmon-Cooper.pdf
- http://unieoooq.linkpc.net/14e04e14e34e14e54e9/Der-Traum-Vom-Fliegen-Hohepunkte-Aus-Dem-Bildarchiv-Der-Luftfahrthistorischen-Sammlung-Der-Flughafen-Frankfurt-Main-Ag-by-Petra-Wustrack-Michael-K-Flughafen-Frankfurt-Main-Benteler.pdf
- http://unieoooq.linkpc.net/34e74e24e14e14e4/Zoo-Story-Life-in-the-Garden-of-Captives-by-Thomas-French.pdf
- http://unieoooq.linkpc.net/34e84e14e34e74e0/Pumpkin-Circle-The-Story-of-a-Garden-by-George-Levenson.pdf
- http://unieoooq.linkpc.net/44e74e14e54e94e5/Blue-Trout-and-Black-Truffles-The-Peregrinations-of-an-Epicure-by-Joseph-Wechsberg.pdf
- http://unieoooq.linkpc.net/44e44e24e04e44e8/Hana-Kimi-For-You-in-Full-Blossom-Vol-16-Hana-Kimi-For-You-in-Full-Blossom-16-by-Hisaya-Nakajo.pdf
- http://unieoooq.linkpc.net/54e04e54e54e04e5/Hana-Kimi-For-You-in-Full-Blossom-Vol-15-Hana-Kimi-For-You-in-Full-Blossom-15-by-Hisaya-Nakajo.pdf
- http://unieoooq.linkpc.net/54e04e54e44e74e0/Hana-Kimi-For-You-in-Full-Blossom-Vol-13-Hana-Kimi-For-You-in-Full-Blossom-13-by-Hisaya-Nakajo.pdf
- http://unieoooq.linkpc.net/74e04e74e54e4/Hana-Kimi-For-You-in-Full-Blossom-Vol-8-Hana-Kimi-For-You-in-Full-Blossom-8-by-Hisaya-Nakajo.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.