MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded URLs pointing to external resources, a technique often used for SEO manipulation or to host malicious payloads. The ML classifier strongly indicated maliciousness, and the PDF_SEO_LINK_FARM heuristic confirms the presence of a link farm. The embedded URLs are the primary IOCs, suggesting the document's purpose is to redirect users to potentially harmful content.
Machine Learning
- Nyx PDF Classifier malicious score 0.9811
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://easckaolp.myhome.cx/2840849841846848/Memoirs-of-an-Amnesiac-by-Oscar-Levant.pdf
- http://easckaolp.myhome.cx/3845842845842840/The-Hole-We-re-in-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/3842844849846844/All-These-Things-I-ve-Done-Birthright-1-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/1842846847845846/In-the-Age-of-Love-and-Chocolate-Birthright-3-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/3849844847842848/The-Storied-Life-of-A-J-Fikry-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/3845842845846849/The-Storied-Life-of-A-J-Fikry-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/1840842845845/The-Storied-Life-of-A-J-Fikry-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/1847845848846849/The-Storied-Life-of-A-J-Fikry-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/6841847848/Young-Jane-Young-by-Gabrielle-Zevin.pdf
- http://easckaolp.myhome.cx/3849849846842846/Parenting-Teenage-Boys-How-to-form-a-Bond-Turn-Problem-Behaviors-Communicate-and-Listen-to-your-Teenage-Son-by-Sebastian-Jones.pdf
- http://easckaolp.myhome.cx/6849848849845847/The-Nearly-Wed-Handbook-by-Dan-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849845841/Mr-Humblebrag-A-Parody-by-Dan-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849845849/Quantitative-X-Ray-Diffractometry-by-Lev-S-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849845844/Little-Miss-Basic-A-Parody-by-Dan-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849845843/Into-adolescence-a-curriculum-for-grades-5-8-by-Dale-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849846842/A-Greater-Good-Potentials-for-an-Intelligent-Economy-by-Robert-B-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849849840/The-New-Oxford-Picture-Dictionary-Beginners-Workbook-by-Patricia-E-Zevin.pdf
- http://easckaolp.myhome.cx/6849848848842840/A-Treasury-of-Chassidic-Tales-on-the-Torah-by-Shelomoh-Yosef-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849848849/A-Treasury-of-Chassidic-Tales-On-the-Torah----Volume-Two-by-Shlomo-Yosef-Zevin.pdf
- http://easckaolp.myhome.cx/6849848849846840/A-Russian-Herbal-Traditional-Remedies-for-Health-and-Healing-by-Igor-Vilevich-Zevin.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.