MALICIOUS
Risk Score: 64
Malware Insights
MITRE ATT&CK
T1204.001 Malicious Link
T1059.001 PowerShell
The PDF contains a significant number of external links, with one heuristic specifically identifying it as a 'PDF_SEO_LINK_FARM'. The primary external URL points to a base64 encoded string, suggesting a download or redirection mechanism. The document body is heavily obfuscated and unreadable, providing no further context on the lure.
Machine Learning
- Nyx PDF Classifier clean score 0.0374
Heuristics 3
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- External URI (info, PDF_URI): PDF contains an external URL action.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: http://thedirsite.com/calestous/ZG93bmxvYWR8aGYxYUdKaE5YeDhNVFkxTnpFNE5qazFOWHg4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk/determinants.c3RldmVuIHNsYXRlIGRydW1zIDQuMCB2c3QgdG9ycmVudAc3R/eggleston.giocastro.subprime/sages.imbeds