Verdict: MALICIOUS
Risk Score: 90
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic, suggesting a link farm or a distribution mechanism for malicious content. The ML classifier also strongly indicated maliciousness. While no scripts were extracted, the structure and embedded URLs point towards a social engineering attack, likely to trick users into downloading further malicious documents or visiting compromised sites. The primary IOC is the domain cmeinasaoo.duckdns.org, which hosts numerous linked PDFs.
Machine Learning
- Nyx PDF Classifier malicious score 0.9901
Heuristics 2
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.