MALICIOUS
Risk Score: 64
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF document contains a significant number of external links, many of which appear to be SEO-farmed, suggesting a tactic to drive traffic to potentially malicious websites. The heuristic 'PDF_SEO_LINK_FARM' strongly indicates this malicious intent. The primary IOC is the first external URI found, which is a complex URL that likely leads to a payload download.
Machine Learning
- Nyx PDF Classifier clean score 0.0090
Heuristics 3
- Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM: Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- External URI [info] PDF_URI: PDF contains an external URL action
- Embedded URL [info] EMBEDDED_URL: One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: http://evacdir.com/grillmasters.affronted.Vi1yYXkgVnJheSBhZHYgMjAwMjU1MzkgU2tldGNodXAgMjAxNSAoeDY0KQVi1/ashkenazi/casualty.greyed?christine=ZG93bmxvYWR8b3k5WXpSaU9IeDhNVFkxTnpFNE5qazFOWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA