MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious File
The PDF document contains a large number of external links, many of which point to files that appear to be related to game downloads. The primary external URI found, http://dormister.com/pilferer?RmlmYSAyMgRml=masker&denounced=ZG93bmxvYWR8aEk3TW1KalpIeDhNVFkxTnpBek5qSXlNM3g4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA=perriello, is likely a malicious redirect or download URL. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass of external PDF links, suggesting a link farm or distribution mechanism for further payloads.
Machine Learning
- Nyx PDF Classifier clean score 0.0081
Heuristics 3
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://dormister.com/pilferer?RmlmYSAyMgRml=masker&denounced=ZG93bmxvYWR8aEk3TW1KalpIeDhNVFkxTnpBek5qSXlNM3g4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA=perriello
- https://www.castingventuno.it/wp-content/uploads/2022/07/Fifa_22-2.pdf
- https://captainseduction.fr/fifa-22-free-pc-windows/
- https://4f26.com/fifa-22-free-x64/
- https://promwad.com/sites/default/files/webform/tasks/fifa-22_61.pdf
- http://amlakzamanzadeh.com/wp-content/uploads/2022/07/Fifa_22_serial_number_and_product_key_crack__License_Key_Full_Download_For_Windows.pdf
- https://www.solarshams.com/sites/default/files/webform/cv/Fifa-22_0.pdf
- http://hoboshuukan.com/?p=4429
- http://www.nextjowl.com/upload/files/2022/07/DZckoXf6cwlktvSKCKf9_05_48cbab033e197334ff5cab87b69bea93_file.pdf
- https://namiflorist.com/wp-content/uploads/2022/07/proveri.pdf
- https://promwad.com/sites/default/files/webform/tasks/fonyann165.pdf
- https://www.tarrytowngov.com/sites/g/files/vyhlif1306/f/uploads/alarm_permit_form_2019-.pdf
- https://logocraticacademy.org/fifa-22-activation-code-with-keygen-free-download-for-windows-updated-2022/
- https://social.arpaclick.com/upload/files/2022/07/ofkiXKgwbEnAEhtX2ehh_05_48cbab033e197334ff5cab87b69bea93_file.pdf
- https://hhinst.com/advert/fifa-22-product-key-for-windows-april-2022/
- https://mcfedututors.com/fifa-22-hack-patch-with-full-keygen-download-x64/
- https://4s71.com/fifa-22-torrent-activation-code-free-win-mac-updated-2022/
- https://hestur.se/upload/files/2022/07/gWtolInmGVofxfkPM568_05_e8e16c2ae2f036f3b30387739374a9ab_file.pdf
- http://saddlebrand.com/?p=43798
- https://stinger-live.s3.amazonaws.com/upload/files/2022/07/zqKzflXBZNOPyuZvWPrp_05_38eb1d57e8f614a669e2d981cd774468_file.pdf
- http://goodidea.altervista.org/advert/fifa-22-install-crack-download-3264bit/
- http://www.tcpdf.org
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/mm/
- http://www.aiim.org/pdfa/ns/extension/
- http://www.aiim.org/pdfa/ns/schema#
- http://www.aiim.org/pdfa/ns/property#
- http://www.aiim.org/pdfa/ns/id/
Open this report in the interactive analyzer, or submit your own file for analysis.