MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.001 PowerShell
The PDF file contains a large number of embedded links to external PDF documents hosted on the domain 'hicsniso.myhome.cx'. This is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier strongly flagged this PDF as malicious. No scripts were extracted, and the document body was heavily obfuscated, preventing a deeper analysis of its specific lure.
Machine Learning
- Nyx PDF Classifier malicious score 0.9901
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://hicsniso.myhome.cx/4e51e55e57e54e55/Reaching-for-the-Moon-by-Buzz-Aldrin.pdf
- http://hicsniso.myhome.cx/6e59e51e52e53e55/The-Collective-Vol-III-Return-to-Earth-by-David-McCahan.pdf
- http://hicsniso.myhome.cx/1e50e59e51e52e53e52/Return-the-Innocent-Earth-by-Wilma-Dykeman.pdf
- http://hicsniso.myhome.cx/7e50e56e50e50e52/Articles-on-Dying-Earth-Subgenre-Including-Dying-Earth-the-Dying-Earth-the-Eyes-of-the-Overworld-Cugel-s-Saga-Turjan-Rhialto-the-Marvellous-Tales-of-the-Dying-Earth-Liane-the-Wayfarer-Songs-of-the-Dying-Earth-the-Time-Machine-by-Hephaestus-Books.pdf
- http://hicsniso.myhome.cx/8e52e51e50e56e58/The-Power-of-Return-Return-to-Me-That-I-May-Return-to-You-by-John-Goyette.pdf
- http://hicsniso.myhome.cx/7e56e57e59e58e54/The-Mammoth-Book-of-New-Jules-Verne-Adventures-Return-to-the-Center-of-the-Earth-and-Other-Extraordinary-Voyages-New-Tales-by-the-Heirs-of-Jules-Verne-by-Mike-Ashley.pdf
- http://hicsniso.myhome.cx/3e52e58e54e52e50/Catching-A-Buzz-by-Ally-Blue.pdf
- http://hicsniso.myhome.cx/4e54e52e56e56e51/Buzz-A-Stimulating-History-of-the-Sex-Toy-by-Hallie-Lieberman.pdf
- http://hicsniso.myhome.cx/3e53e52e56e58e59/Buzz-Off-Queen-Bee-Mystery-1-by-Hannah-Reed.pdf
- http://hicsniso.myhome.cx/4e53e57e59e51e53/Why-Mosquitoes-Buzz-in-People-s-Ears-by-Bobby-Norfolk.pdf
- http://hicsniso.myhome.cx/1e58e57e51e57e58/Buzz-A-Year-of-Paying-Attention-by-Katherine-Ellison.pdf
- http://hicsniso.myhome.cx/2e50e53e54e59e57/TIME-TRAVEL-EXPERIENCES-In-a-Sense-we-all-are-Time-Travelers-We-are-surviving-each-and-every-Active-Time-Point-in-this-Timeline-by-Aldrin-Mathew.pdf
- http://hicsniso.myhome.cx/3e53e51e50e58e56/Risk-Return-Return-on-Investment-2-by-Aleksandr-Voinov.pdf
- http://hicsniso.myhome.cx/4e54e59e57e59e50/Buzz-Ride-Driven-to-Disruption-Memoirs-of-an-Uber-Driver-by-P-M-White.pdf
- http://hicsniso.myhome.cx/1e58e57e54e52/The-Doing-of-the-Thing-The-Brief-Brilliant-Whitewater-Career-of-Buzz-Holmstrom-by-Vince-Welch.pdf
- http://hicsniso.myhome.cx/6e52e54e55e52e51/The-Anatomy-of-Buzz-How-to-Create-Word-of-Mouth-Marketing-by-Emanuel-Rosen.pdf
- http://hicsniso.myhome.cx/4e59e59e55e56e56/Is-William-Martinez-Not-Our-Brother-Twenty-Years-of-the-Prison-Creative-Arts-Project-by-Buzz-Alexander.pdf
- http://hicsniso.myhome.cx/1e51e53e50e53e52e55/System-Earth-via-Geodetic-Geophysical-Space-Techniques-Advanced-Technologies-in-Earth-Sciences-by-Frank-M-Flechtner.pdf
- http://hicsniso.myhome.cx/1e51e53e50e53e52e56/System-Earth-via-Geodetic-Geophysical-Space-Techniques-Advanced-Technologies-in-Earth-Sciences-by-Frank-M-Flechtner.pdf
- http://hicsniso.myhome.cx/4e59e52e52e55e51/Grounding-Clearing-An-Earth-Lodge-Pocket-Guide-to-Being-Safe-Present-and-Comfortable-on-Earth-by-Maya-Cointreau.pdf
- http://hicsniso.myhome.cx/7e56e57e59e58e54/The-Mammoth-Book-of-New-Jules-Verne-Adventures-Return-to-the-Center-of-the-Earth-and-O
Open this report in the interactive analyzer, or submit your own file for analysis.