MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded URLs, identified as a link farm. The ML classifier strongly suggests maliciousness. While no scripts were extracted, the sheer volume of links and the heuristic firing indicate a likely attempt to manipulate search engine results or redirect users to malicious content. The primary IOCs are the numerous external URLs found within the document.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://muicuiu.dumb1.com/4a05a00a05a04a01/Will-Grant-Center-Field-Bottom-of-the-Ninth-Book-7-by-Jean-Joachim.pdf
- http://muicuiu.dumb1.com/2a09a03a00a08a09/The-Center-Circle-Book-1-in-The-Center-Circle-Chronicles-by-Steve-Biddison.pdf
- http://muicuiu.dumb1.com/6a08a07a06a05a06/Champagne-for-Christmas-by-Jean-C-Joachim.pdf
- http://muicuiu.dumb1.com/2a01a09a08a04a05/Red-Carpet-Romance-Hollywood-Hearts-2-by-Jean-C-Joachim.pdf
- http://muicuiu.dumb1.com/2a08a02a08a01a03/His-Leading-Lady-Hollywood-Hearts-0-5-by-Jean-C-Joachim.pdf
- http://muicuiu.dumb1.com/5a00a00a08a07a00/Sunny-Days-Moonlit-Nights-Moonlight-1-by-Jean-C-Joachim.pdf
- http://muicuiu.dumb1.com/4a06a03a07a03a01/Gideon-the-Ninth-The-Ninth-House-1-by-Tamsyn-Muir.pdf
- http://muicuiu.dumb1.com/6a06a09a09a08a02/The-Fourth-Book-of-Virgil-s-Aeneid-and-the-Ninth-Book-of-Voltaire-s-Henriad-by-Virgil.pdf
- http://muicuiu.dumb1.com/2a02a02a03a08a08/U-S-Grant-The-Civil-War-Years-Grant-Moves-South-and-Grant-Takes-Command-by-Bruce-Catton.pdf
- http://muicuiu.dumb1.com/8a08a06a02a04/New-X-Men-by-Grant-Morrison-Ultimate-Collection-Book-3-by-Grant-Morrison.pdf
- http://muicuiu.dumb1.com/3a02a03a04a02a06/Love-at-the-Bottom-of-the-Litter-Box-Bukowski-Cats-and-Me-Raw-Underground-Poetry-Book-2-by-Jackson-Dean-Chase.pdf
- http://muicuiu.dumb1.com/1a01a02a09a09a09a05/The-Big-Unofficial-Lego-Builder-s-Book-Build-Your-Own-City-by-Joachim-Klang.pdf
- http://muicuiu.dumb1.com/1a09a07a07a09a00/Bet-Your-Bottom-Dollar-Bottom-Dollar-Girls-1-by-Karin-Gillespie.pdf
- http://muicuiu.dumb1.com/2a04a03a05a04a09/The-Water-Book-by-J-D-Field.pdf
- http://muicuiu.dumb1.com/1a09a07a07a09a05/A-Dollar-Short-The-Bottom-Dollar-Series-Book-2-by-Karin-Gillespie.pdf
- http://muicuiu.dumb1.com/8a05a02a08a00a03/In-the-United-States-Circuit-Court-of-Appeals-for-the-Ninth-Circuit-In-the-Matter-of-Beverlyridge-Company-Et-Al-Bankrupt-George-H-Oswald-Richard-Castle-Appellants-vs-John-Beyer-Trustee-Appelle-Transcript-of-Record-by-U-S-Court-of-Appeals-Ninth-Circuit.pdf
- http://muicuiu.dumb1.com/1a01a04a03a02a08a07/Deutsche-Passagier-Luftfahrt-Von-1955-Bis-Heute-Joachim-Wolfer-by-Joachim-Wolfer.pdf
- http://muicuiu.dumb1.com/2a02a06a00a05a04/The-Wheeling-Year-A-Poet-s-Field-Book-by-Ted-Kooser.pdf
- http://muicuiu.dumb1.com/5a03a04a06a00a09/Guy-de-Maupassant-The-Complete-Short-Stories-Book-Center-by-Guy-de-Maupassant.pdf
- http://muicuiu.dumb1.com/1a01a03a00a00a03a00/Build-Your-Own-Lego-Knight-s-Realm-The-Big-Unofficial-Lego-Builder-s-Book-by-Joachim-Klang.pdf
- http://muicuiu.dumb1.com/2a02a02a03a08a0
Open this report in the interactive analyzer, or submit your own file for analysis.