MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. While the URLs themselves are currently marked as benign, the sheer volume and the nature of the heuristic suggest a malicious intent, possibly for SEO manipulation or as a distribution vector for further malicious content. The ML classifier also strongly indicated maliciousness. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://kiyuteraspdf.changeip.com/478697867786478627868/Ecce-Homo-How-One-Becomes-What-One-Is-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/478697867786178617866/The-Anti-Christ-Ecce-Homo-Twilight-of-the-Idols-Other-Writings-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/778667866786478657867/Ecce-Homo-Practicas-Pregadas-No-Collegio-Da-Bahia-as-Sestas-Feiras-Noite-Mostrandose-Em-Todas-O-Ecce-Homo-by-Eusebio-De-Matos.pdf
- http://kiyuteraspdf.changeip.com/778637868786578667861/Ecce-Homo-On-the-Divine-Unity-of-Christ-by-Aaron-Riches.pdf
- http://kiyuteraspdf.changeip.com/87868786978607865/Basic-Writings-of-Nietzsche-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/37866786878677860/The-Portable-Nietzsche-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/478687862786378667864/A-Nietzsche-Reader-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/678687866786578657869/The-Case-of-Wagner-Nietzsche-Contra-Wagner-Selected-Aphorisms-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/37867786078627865/The-Gay-Science-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/678607869786478617866/Why-I-Am-So-Wise-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/67867786578657863/The-Will-to-Power-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/278617865786578637868/The-Anti-Christ-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/978607862786878677866/LA-GAYA-CIENCIA-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/878687869786478687868/Beyond-Good-and-Evil-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/678607869786478627867/Friedrich-Nietzsche-by-Julian-Young.pdf
- http://kiyuteraspdf.changeip.com/678657863786378677866/Thus-Spoke-Zarathustra-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/978697869786378637869/Thus-Spoke-Zarathustra-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/678627864786378617867/As-Habl-Zaratustra-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/378627863786178657865/The-Birth-of-Tragedy-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/378697866786778627867/Twilight-of-the-Idols-by-Friedrich-Nietzsche.pdf
- http://kiyuteraspdf.changeip.com/678687866786578657869/The-Case-of-Wagner-Nietzsche-Contra-Wagner-Selected-Aphorisms-by-Friedr
Open this report in the interactive analyzer, or submit your own file for analysis.