MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 User Execution: Malicious File
The PDF contains a large number of embedded links pointing to external PDF files hosted on the dynamic DNS domain 'xiixmcuin.linkpc.net'. This behavior is indicative of a link farm or a redirection scheme designed to lead users to potentially malicious content. The ML classifier strongly supports the malicious verdict.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://xiixmcuin.linkpc.net/1201204206207203208/Divas-Inc-by-Donna-Hill.pdf
- http://xiixmcuin.linkpc.net/2205206200205/For-You-I-Will-by-Donna-Hill.pdf
- http://xiixmcuin.linkpc.net/9207206200201/In-My-Bedroom-by-Donna-Hill.pdf
- http://xiixmcuin.linkpc.net/1200209204203203200/A-Whole-Lotta-Love-by-Donna-Hill.pdf
- http://xiixmcuin.linkpc.net/2201206207209201/The-House-on-Blackberry-Hill-Jewell-Cove-1-by-Donna-Alward.pdf
- http://xiixmcuin.linkpc.net/7206205208209208/Rudolph-Valentino-The-Silent-Idol-His-Life-in-Photographs-by-Donna-L-Hill.pdf
- http://xiixmcuin.linkpc.net/3205209206209208/The-Divas-of-Doom-Doom-Divas-2-by-Sherry-M-Siska.pdf
- http://xiixmcuin.linkpc.net/1201204206208208202/Divas-in-Cahoots-by-Jon-McDonald.pdf
- http://xiixmcuin.linkpc.net/5203209200203204/Cocaine-Divas-Money-Over-Everything-by-C-Horne.pdf
- http://xiixmcuin.linkpc.net/1201204206206209205/Street-Divas-by-De-39-nesha-Diamond.pdf
- http://xiixmcuin.linkpc.net/1201204206209203204/Don-Divas-The-Legions-by-LoLa-Bandz.pdf
- http://xiixmcuin.linkpc.net/1201204206207203203/Gangsta-Divas-by-De-39-nesha-Diamond.pdf
- http://xiixmcuin.linkpc.net/1201204206209207202/Bittersweet-Dancers-and-Divas-2-by-Kathy-Petrakis.pdf
- http://xiixmcuin.linkpc.net/2208200209209201/Drop-Dead-Divas-by-Virginia-Brown.pdf
- http://xiixmcuin.linkpc.net/2200202207203201/Angel-s-Obsession-with-Syn-The-Lan-Divas-by-Shelli-Quinn.pdf
- http://xiixmcuin.linkpc.net/3205209206208203/The-Madams-of-Mischief-Doom-Divas-1-by-Sherry-M-Siska.pdf
- http://xiixmcuin.linkpc.net/2201207203203205/Hot-for-Him-Secret-Lives-of-Daytime-Divas-3-by-Sarah-Mayberry.pdf
- http://xiixmcuin.linkpc.net/7203203201204209/Global-Divas-Filipino-Gay-Men-in-the-Diaspora-by-Martin-F-Manalansan-IV.pdf
- http://xiixmcuin.linkpc.net/1209203206200201/Divas-Dames-amp-Daredevils-Lost-Heroines-of-Golden-Age-Comics-by-Mike-Madrid.pdf
- http://xiixmcuin.linkpc.net/9209200209208200/Hill-s-Wilmington-New-Hanover-County-N-C-City-Directory-1958-Including-Audubon-Devon-Park-Edgewood-Foxtown-Garden-City-Hanover-Heights-Highwood-Park-Idlewild-Long-Leaf-Hill-Oak-Court-Oak-Crest-Piney-Woods-and-Winter-Park-by-Hill-Directory-Company.pdf
- http://xiixmcuin.linkpc.net/2208200209209201/Drop-Dead-Divas
Open this report in the interactive analyzer, or submit your own file for analysis.