MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF file was flagged by a machine learning classifier as malicious and contains a large number of embedded external links. The heuristic 'PDF_SEO_LINK_FARM' indicates that these links are likely part of a scheme to manipulate search engine results or distribute further malicious content. While no scripts were extracted, the sheer volume of links suggests a content-distribution or SEO-poisoning attack. The primary IOCs are the numerous URLs embedded within the document.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://xiixmcuin.linkpc.net/1200203209209206208/Double-Double-How-to-Double-Your-Revenue-amp-Profit-in-3-Years-or-Less-by-Cameron-Herold.pdf
- http://xiixmcuin.linkpc.net/9206204207201208/Butch-Fatale-Dyke-Dick---Double-D-Double-Cross-by-Christa-Faust.pdf
- http://xiixmcuin.linkpc.net/3205209200207208/Deadly-Double-Florida-Mystery-Double-Feature-2-by-Diane-Capri.pdf
- http://xiixmcuin.linkpc.net/1201206205202202/Double-Threats-Forever-Double-Threat-4-by-Julie-Prestsater.pdf
- http://xiixmcuin.linkpc.net/3203206202200209/The-Double-Cross-System-The-Incredible-True-Story-of-How-Nazi-Spies-Were-Turned-into-Double-Agents-by-J-C-Masterman.pdf
- http://xiixmcuin.linkpc.net/2204201208208202/Double-Time-Double-Threat-3-by-Julie-Prestsater.pdf
- http://xiixmcuin.linkpc.net/3207208203206201/Double-Pleasure-Double-Pain-by-Nikki-Rashan.pdf
- http://xiixmcuin.linkpc.net/9200206202209203/A-Stitch-in-Time-Basket-Stitch-Double-Cross-Spider-Web-Rose-Double-Running-by-Victoria-Bateman.pdf
- http://xiixmcuin.linkpc.net/1206204207205206/Double-Double-by-Michael-Jan-Friedman.pdf
- http://xiixmcuin.linkpc.net/4209207202206206/Double-Nickels-Forever-A-Tribute-to-Double-Nickels-on-the-Dime-and-the-Minutemen-by-Craghead-Warren.pdf
- http://xiixmcuin.linkpc.net/1208208208205207/Double-Threat-My-Bleep-Double-Threat-2-by-Julie-Prestsater.pdf
- http://xiixmcuin.linkpc.net/1208208208206203/So-I-m-a-Double-Threat-Double-Threat-1-by-Julie-Prestsater.pdf
- http://xiixmcuin.linkpc.net/3208203205205201/Double-Alchemy-Double-Alchemy-1-by-Susan-Mac-Nicol.pdf
- http://xiixmcuin.linkpc.net/1203202200205205/Double-or-Nothing-by-Meg-Mims.pdf
- http://xiixmcuin.linkpc.net/1206206208206208/Double-Take-by-Judy-Mercer.pdf
- http://xiixmcuin.linkpc.net/4205200204202203/Double-Coverage-by-S-J-Noble.pdf
- http://xiixmcuin.linkpc.net/1200208205208209/Double-Negative-by-C-Lee-McKenzie.pdf
- http://xiixmcuin.linkpc.net/1203201203201/Double-or-Nothing-by-Phoebe-Erickson.pdf
- http://xiixmcuin.linkpc.net/2202201202202204/Double-Take-by-Melody-Carlson.pdf
- http://xiixmcuin.linkpc.net/1207209208202203/Double-Danger-A-Tac-6-by-Dee-Davis.pdf
- http://xiixmcuin.linkpc.net/9200206202209203/A-Stitch-in-Time-Basket-Stitch-Double-Cross-Spider-Web-Rose-Double-Running-by-Vic
Open this report in the interactive analyzer, or submit your own file for analysis.