MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF contains a large number of embedded links to external PDF files, many of which are hosted on the dynamic DNS domain xiixmcuin.linkpc.net. This behavior is indicative of a link farm or a content distribution network designed to obscure the ultimate malicious payload. The ML classifier strongly supports the malicious verdict. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://xiixmcuin.linkpc.net/4200202202202208/The-Trouser-People-A-Story-of-Burma-in-the-Shadow-of-the-Empire-by-Andrew-Marshall.pdf
- http://xiixmcuin.linkpc.net/1201200200201206/Of-Shadow-and-Sea-Elder-Empire-Shadow-1-by-Will-Wight.pdf
- http://xiixmcuin.linkpc.net/9208206207200/Rook-and-Shadow-by-A-G-Marshall.pdf
- http://xiixmcuin.linkpc.net/7203200/A-Crown-for-Cold-Silver-The-Crimson-Empire-1-by-Alex-Marshall.pdf
- http://xiixmcuin.linkpc.net/4200206201205201/Dissecting-Wobbles-This-Is-Just-How-I-Roll-by-Marshall-Andrew.pdf
- http://xiixmcuin.linkpc.net/3206207203202207/Well-Intentioned-Dragons-Ministering-to-Problem-People-in-the-Church-by-Marshall-Shelley.pdf
- http://xiixmcuin.linkpc.net/1200208208207205/Of-Sea-and-Shadow-Elder-Empire-Sea-1-by-Will-Wight.pdf
- http://xiixmcuin.linkpc.net/3209203205/The-Guns-of-Empire-The-Shadow-Campaigns-4-by-Django-Wexler.pdf
- http://xiixmcuin.linkpc.net/4205207203200205/The-Shadow-of-Ararat-Oath-of-Empire-1-by-Thomas-Harlan.pdf
- http://xiixmcuin.linkpc.net/2206205201208207/The-Moon-s-Shadow-Saga-of-the-Skolian-Empire-8-by-Catherine-Asaro.pdf
- http://xiixmcuin.linkpc.net/4202204202203200/A-War-in-Crimson-Embers-The-Crimson-Empire-3-by-Alex-Marshall.pdf
- http://xiixmcuin.linkpc.net/2208203200203207/People-of-Walmart-Shop-and-Awe-by-Andrew-Kipple.pdf
- http://xiixmcuin.linkpc.net/7202202201205202/Edge-of-Irony-Modernism-in-the-Shadow-of-the-Habsburg-Empire-by-Marjorie-Perloff.pdf
- http://xiixmcuin.linkpc.net/5206204208203/Our-Island-Story-by-H-E-Marshall.pdf
- http://xiixmcuin.linkpc.net/5202201209209201/A-People-s-History-of-the-Second-World-War-Resistance-Versus-Empire-by-Donny-Gluckstein.pdf
- http://xiixmcuin.linkpc.net/4201201203204/The-Story-The-Bible-as-One-Continuing-Story-of-God-and-His-People-NIV-by-Randy-Frazee.pdf
- http://xiixmcuin.linkpc.net/1209201201200208/The-Story-NIV-The-Bible-as-One-Continuing-Story-of-God-and-His-People-by-Randy-Frazee.pdf
- http://xiixmcuin.linkpc.net/4201205201206203/Shadow-Spinner-Collection-2-The-Man-with-No-Eyes-Parts-6---12-by-Andrew-Leon.pdf
- http://xiixmcuin.linkpc.net/2203209203205204/Daily-Life-in-Ancient-Rome-The-People-and-the-City-at-the-Height-of-the-Empire-by-J-r-me-Carcopino.pdf
- http://xiixmcuin.linkpc.net/3202209206200202/Auto-Empire-from-Toyota-to-Ford-business-strategies-about-car-companies-in-the-world-everything-people-want-to-know-by-Eric-Choi.pdf
- http://xiixmcuin.linkpc.net/2206205201208207/The-Moon-s-Shadow-Saga-of-the-Skolian-Empire-8
Open this report in the interactive analyzer, or submit your own file for analysis.