MALICIOUS
60
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded URLs, indicating a link farm likely used for SEO manipulation or to redirect users to malicious content. The heuristic 'PDF_SEO_LINK_FARM' strongly suggests this malicious intent. While no scripts were extracted, the sheer volume of external links points to a delivery mechanism for further malicious activity.
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://owlaokopdf.myhome.cx/1816081678164816981638166/Onverwachte-Gasten-In-Gesprek-Met-Gerard-Dekker-Over-Kerk-Godsdienst-En-Cultuur-by-Gerard-Dekker.pdf
- http://owlaokopdf.myhome.cx/281628166816381668165/Articles-on-Novels-by-Ted-Dekker-Including-Circle-Trilogy-House-Novel-Thr3e-Showdown-Dekker-Novel-Obsessed-Novel-Saint-Novel-Skin-Novel-Blink-Novel-Black-Novel-Red-Novel-White-Novel-Chosen-Novel-by-Hephaestus-Books.pdf
- http://owlaokopdf.myhome.cx/981618166816881628166/The-Complete-Poetical-Works-of-Gerard-A-Geiger-by-Gerard-Geiger.pdf
- http://owlaokopdf.myhome.cx/1816081688165816681648169/The-Exploits-of-Brigadier-Gerard-by-Arthur-Conan-Doyle-and-W-B-Wollen-amp-the-Adventures-of-Gerard-Illustrated-by-Arthur-Conan-Doyle.pdf
- http://owlaokopdf.myhome.cx/481698169816481648168/A-D-30-A-D-1-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/381698162816181678165/Thr3e-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/38168816081658165/Blink-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/48164816381678169/Kiss-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/88165816081648167/Burn-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/681648162816181628169/Skin-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/38164816381688160/Thr3e-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/681628164816581698167/Sangre-de-Emanuel-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/481678162816181668160/Immanuel-s-Veins-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/481608168816081698162/A-Man-Called-Blessed-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/281618169816081618167/Immanuel-s-Veins-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/48164816981668167/Boneman-s-Daughters-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/8816181618168/The-49th-Mystic-Beyond-the-Circle-1-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/48161816781698164/Green-The-Beginning-and-the-End-The-Circle-0-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/881698165816381618164/Piel-No-Confies-en-Tus-Ojos-by-Ted-Dekker.pdf
- http://owlaokopdf.myhome.cx/181628169816481618166/Sovereign-The-Books-of-Mortals-3-by-Ted-Dekker.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.