MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious File
The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic, pointing to external resources. The ML_NYX_PDF_MALICIOUS heuristic also flagged the document with high confidence. While the document body is heavily obfuscated, the presence of numerous links suggests a tactic to drive traffic to potentially malicious or SEO-manipulated content. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9920
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc.net/1090096097091091092/The-True-Story-of-Andersonville-Prison-A-Defense-of-Major-Henry-Wirz-Annotated-by-James-Madison-Page.pdf
- http://loaminoo.linkpc.net/1090096096099091099/The-True-Story-of-Andersonville-Prison-A-Defense-of-Major-Henry-Wirz-by-James-Madison-Page.pdf
- http://loaminoo.linkpc.net/1090096097090091091/The-Tragedy-of-Andersonville-Trial-of-Captain-Henry-Wirz-the-Prison-Keeper-by-N-P-1836-1924-Chipman.pdf
- http://loaminoo.linkpc.net/1090096097090091092/A-Narrative-of-Andersonville-Drawn-from-the-Evidence-Elicited-on-the-Trial-of-Henry-Wirz-the-Jailee-by-Ambrose-Spencer.pdf
- http://loaminoo.linkpc.net/1090096097091099092/The-Andersonville-Report-by-Jim-Wirz.pdf
- http://loaminoo.linkpc.net/1090096097090091093/A-Narrative-of-Andersonville-Drawn-from-the-Evidence-Elicited-on-the-Trial-of-H-Wirz-by-Ambrose-Spencer.pdf
- http://loaminoo.linkpc.net/5099098092/Lost-Boy-The-True-Story-of-Captain-Hook-by-Christina-Henry.pdf
- http://loaminoo.linkpc.net/1091095098093096093/A-Spy-Called-James-The-True-Story-of-James-Armistead-Lafayette-Revolutionary-War-Double-Agent-by-Anne-Rockwell.pdf
- http://loaminoo.linkpc.net/2097095094098/Henry-s-Freedom-Box-A-True-Story-from-the-Underground-Railroad-by-Ellen-Levine.pdf
- http://loaminoo.linkpc.net/8095093097098098/Inside-the-occult-The-true-story-of-Madame-H-P-Blavatsky-by-Henry-Steel-Olcott.pdf
- http://loaminoo.linkpc.net/3094093093095095/Churchill-s-Iceman-The-True-Story-of-Geoffrey-Pyke-Genius-Fugitive-Spy-by-Henry-Hemming.pdf
- http://loaminoo.linkpc.net/1091099098095091097/Abraham-Lincoln-Volume-1-of-2-The-True-Story-Of-A-Great-Life-by-William-Henry-Herndon.pdf
- http://loaminoo.linkpc.net/1091099098095092090/Abraham-Lincoln-Volume-2-of-2-The-True-Story-of-a-Great-Life-by-William-Henry-Herndon.pdf
- http://loaminoo.linkpc.net/2091095094098093/Henry-Lee-Lucas-The-Shocking-True-Story-of-America-s-Most-Notorious-Serial-Killer-by-Joel-Norris.pdf
- http://loaminoo.linkpc.net/2091092090097095/True-Control-True-4-1-by-Willow-Madison.pdf
- http://loaminoo.linkpc.net/1094095097097093/True-Nature-True-1-by-Willow-Madison.pdf
- http://loaminoo.linkpc.net/2091092090096099/True-Control-True-4-2-by-Willow-Madison.pdf
- http://loaminoo.linkpc.net/9093092094090093/Rudy-A-True-Story-by-James-Ellison.pdf
- http://loaminoo.linkpc.net/6097098095096097/Flyboys-A-True-Story-of-Cour-by-James-D-Bradley.pdf
- http://loaminoo.linkpc.net/1095095097099091/In-Defense-of-Elitism-by-William-A-Henry-III.pdf
- http://loaminoo.linkpc.net/1090096097090091092/A-Narrative-of-Andersonville-Drawn-from-the-Evidence-Elicited-on-
Open this report in the interactive analyzer, or submit your own file for analysis.