MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF file was flagged by a machine learning classifier as malicious and contains a large number of embedded URLs, indicating a link farm designed to distribute malicious content. The presence of numerous links, many pointing to dynamically generated paths on a duckdns.org subdomain, suggests a phishing or malware distribution attempt. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9891
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cmeinasaoo.duckdns.org/1b21b27b20b20b28b21/Chambers-Crossword-Lists---New-Edition-by-Chambers-Dictionaries.pdf
- http://cmeinasaoo.duckdns.org/1b21b24b20b26b26b25/Chambers-s-Edinburgh-Journal-No-457-by-Robert-Chambers.pdf
- http://cmeinasaoo.duckdns.org/1b21b27b25b23b23b27/Chambers-s-Edinburgh-Journal-No-418-by-Robert-Chambers.pdf
- http://cmeinasaoo.duckdns.org/1b20b25b24b21b29b25/Chambers-s-Edinburgh-Journal-No-455-by-Robert-Chambers.pdf
- http://cmeinasaoo.duckdns.org/4b24b20b25b23b26/-oku-The-Inner-Chambers-Volume-5-oku-The-Inner-Chambers-5-by-Fumi-Yoshinaga.pdf
- http://cmeinasaoo.duckdns.org/4b24b20b25b23b23/-oku-The-Inner-Chambers-Volume-3-oku-The-Inner-Chambers-3-by-Fumi-Yoshinaga.pdf
- http://cmeinasaoo.duckdns.org/4b28b25b25b23b29/-oku-The-Inner-Chambers-Volume-6-oku-The-Inner-Chambers-6-by-Fumi-Yoshinaga.pdf
- http://cmeinasaoo.duckdns.org/1b22b26b26b21b20/Plus-by-Veronica-Chambers.pdf
- http://cmeinasaoo.duckdns.org/1b24b25b28b24b29/Vigil-by-V-J-Chambers.pdf
- http://cmeinasaoo.duckdns.org/2b21b29b25b23b23/The-Go-Between-by-Veronica-Chambers.pdf
- http://cmeinasaoo.duckdns.org/3b27b25b24b28b23/Payback-by-Kimberley-Chambers.pdf
- http://cmeinasaoo.duckdns.org/7b20b20b25b27/The-Betrayer-by-Kimberley-Chambers.pdf
- http://cmeinasaoo.duckdns.org/8b22b24b27b24b23/At-the-Ritz-by-Robert-W-Chambers.pdf
- http://cmeinasaoo.duckdns.org/2b22b21b26b25b20/The-Pineville-Heist-by-Lee-Chambers.pdf
- http://cmeinasaoo.duckdns.org/6b20b20b25b27b23/In-the-Quarter-by-Robert-W-Chambers.pdf
- http://cmeinasaoo.duckdns.org/3b25b28b25b27b23/The-Wronged-by-Kimberley-Chambers.pdf
- http://cmeinasaoo.duckdns.org/1b21b28b20b23b24/Stinger-by-Diana-R-Chambers.pdf
- http://cmeinasaoo.duckdns.org/3b25b21b27b27b28/The-Burning-Chambers-by-Kate-Mosse.pdf
- http://cmeinasaoo.duckdns.org/3b25b26b23b28b20/It-Pours-Chambers-of-the-Heart-2-by-C-D-Cain.pdf
- http://cmeinasaoo.duckdns.org/3b20b21b29b27b22/The-Witch-s-Rose-by-L-Chambers-Wright.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.