MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a large number of embedded URLs, identified as a link farm. The ML classifier strongly indicated maliciousness. The primary heuristic firing points to a PDF SEO link farm, with the dominant host being loaminoo.linkpc.net. The embedded URLs, such as http://loaminoo.linkpc.net/1093090095090099/The-Rook-The-Patrick-Bowers-Files-2-by-Steven-James.pdf, are likely used to drive traffic to potentially malicious or pirated content, fitting an SEO spam or phishing attack pattern.
Machine Learning
- Nyx PDF Classifier malicious score 0.9891
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc.net/1093090095090099/The-Rook-The-Patrick-Bowers-Files-2-by-Steven-James.pdf
- http://loaminoo.linkpc.net/1093091096095094/The-Queen-Patrick-Bowers-Files-5-by-Steven-James.pdf
- http://loaminoo.linkpc.net/4090099094097095/Every-Crooked-Path-The-Bowers-Files-The-New-York-Years-1-by-Steven-James.pdf
- http://loaminoo.linkpc.net/3091093099090097/The-Rook-The-Checquy-Files-1-by-Daniel-O-39-Malley.pdf
- http://loaminoo.linkpc.net/1095094095099091/The-Rook-The-Checquy-Files-1-by-Daniel-O-39-Malley.pdf
- http://loaminoo.linkpc.net/1090094092090/The-Rook-The-Checquy-Files-1-by-Daniel-O-39-Malley.pdf
- http://loaminoo.linkpc.net/2094097099098099/Nefarious-The-Blackwell-Files-1-by-Steven-F-Freeman.pdf
- http://loaminoo.linkpc.net/6099091091090093/The-Hunt-For-The-Dingo-James-amp-Sandersen-Files-1-by-P-J-Nash.pdf
- http://loaminoo.linkpc.net/2097094090092/Men-Are-Trouble-by-James-Patrick-Kelly.pdf
- http://loaminoo.linkpc.net/1090095099094097/Wildlife-by-James-Patrick-Kelly.pdf
- http://loaminoo.linkpc.net/6090095097091099/Get-Maitland-by-James-Patrick-Hunt.pdf
- http://loaminoo.linkpc.net/3092094092092095/Placebo-The-Jevin-Banks-Experience-1-by-Steven-James.pdf
- http://loaminoo.linkpc.net/7090095098098099/Sacra-Pagina-James-by-Patrick-J-Hartin.pdf
- http://loaminoo.linkpc.net/5091099092092095/The-Prisoner-of-Chillon-by-James-Patrick-Kelly.pdf
- http://loaminoo.linkpc.net/4093091098093/Way-Past-Dead-Harry-James-Denton-3-by-Steven-Womack.pdf
- http://loaminoo.linkpc.net/4092099096093/Dirty-Money-Harry-James-Denton-6-by-Steven-Womack.pdf
- http://loaminoo.linkpc.net/7091090094091094/The-Big-Somewhere-Essays-on-James-Ellroy-s-Noir-World-by-Steven-Powell.pdf
- http://loaminoo.linkpc.net/2099092093096093/Just-Flirt-by-Laura-Bowers.pdf
- http://loaminoo.linkpc.net/1096094098090090/Hey-Canada-by-Vivien-Bowers.pdf
- http://loaminoo.linkpc.net/1096094098095/Dead-Folks-Blues-Harry-James-Denton-1-by-Steven-Womack.pdf
- http://loaminoo.linkpc.net/5091099092092095/The-Prisoner-of-Chillon-by-James-Patrick-
Open this report in the interactive analyzer, or submit your own file for analysis.