MALICIOUS
Risk Score: 90
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO poisoning or to distribute malicious content. The ML classifier strongly indicated maliciousness. The primary attack pattern involves directing users to a suspicious domain, cmeinasaoo.duckdns.org, which hosts numerous PDF files, likely as a lure or to distribute further payloads.
Machine Learning
- Nyx PDF Classifier malicious score 0.9903
Heuristics 2
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.