MALICIOUS
112
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
This PDF file is identified as a malicious lure, likely for phishing or malware distribution. The heuristic 'PDF_IMAGE_LURE' indicates it's image-only with a click-outward action, typical of a screenshot hiding a malicious link. The 'PDF_SEO_LINK_FARM' heuristic reveals a large number of external links, predominantly hosted on 'ruinyourlife.xyz', suggesting a coordinated effort to distribute malicious content. The ML classifier strongly supports the malicious verdict.
Machine Learning
- Nyx PDF Classifier malicious score 0.9991
Heuristics 4
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Image-only document with action trigger (screenshot lure) medium PDF_IMAGE_LUREPDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 30 KB — typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://bridalandveiloutlet.com/uploads/1/3/0/5/130588857/130588857.html#sennheiser+rs+195+rf+wireless+headphone
- http://ruinyourlife.xyz/uploads/1/3/0/6/130620972/zaduvuwagaxije.pdf
- http://primoaquatics.com/uploads/1/3/0/2/130288887/virosiraxavaw.pdf
- http://mixol-g.com/uploads/1/3/0/7/130738919/a64ffa1a5.pdf
- http://www.conquerfirstaid.co.uk/uploads/1/3/0/5/130539279/wowilutalatalulosu.pdf
- http://easttexasanesthesia.com/uploads/1/3/0/9/130969731/gaxajipex.pdf
- http://course-group.com/uploads/1/3/0/2/130289625/faxexi_tobakeb.pdf
- http://themafer.com/uploads/1/3/0/6/130639092/podusomulav_tojafivu_dokegemopiziv_pufuvenidog.pdf
- http://btihtisas.com/uploads/1/3/0/7/130776183/lilulopopopetanitat.pdf
- http://memorialdolls.com/uploads/1/3/0/8/130814411/xifovik_rejifa.pdf
- http://rileysmusings.com/uploads/1/3/0/2/130287873/zabisivuf.pdf
- http://arlingtoncarpetcleaner.com/uploads/1/3/0/6/130604050/lajusegizuvewozapo.pdf
- http://jsimonephotography.com/uploads/1/3/0/5/130541817/butusowaxoxizi_kebikix_zotopeda.pdf
- http://supremedogs.org/uploads/1/3/0/7/130775143/zisonekesibamov.pdf
- http://findtherealu.com/uploads/1/3/0/2/130289749/1574734.pdf
- http://coinmax.us/uploads/1/3/0/5/130543494/virawoxu.pdf
- http://bilvalife.com/uploads/1/3/0/6/130639426/9262237.pdf
- http://oceanreefpoolsandspas.com/uploads/1/3/0/5/130551656/bapavuzazir_xunujexiv_tanunut_vojiritolejugi.pdf
- http://kollikoonkreative.com/uploads/1/3/1/0/131069839/budaz_denenupafefuz.pdf
- http://lakecomobike.com/uploads/1/3/0/7/130738623/8395810.pdf
- http://eahfitness.com/uploads/1/3/0/9/130969963/5d292186d09591.pdf
- http://icaruscannabis.com/uploads/1/3/0/7/130740212/miwirumok-jeparejidaru-kutelefutep-risonu.pdf
- http://jmjonesconsulting.com/uploads/1/3/0/9/130969406/396da023faba.pdf
- http://lionfoundation.net/uploads/1/3/0/7/130739131/tewerixake.pdf
- http://teesthem.com/uploads/1/3/0/5/130551764/gipegugowejevigu.pdf
- http://kollikoonkreative.com/uploads/1/3/1/0/131069839/budaz_denenupafe
Open this report in the interactive analyzer, or submit your own file for analysis.