MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a large number of embedded links pointing to external PDF files, a technique often used for SEO poisoning or to distribute malicious content. The ML classifier strongly indicated maliciousness. The primary attack vector appears to be directing users to a large collection of URLs hosted on the loaminoo.linkpc.net domain.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc.net/1099090094099095/Das-Hotel-New-Hampshire-by-John-Irving.pdf
- http://loaminoo.linkpc.net/1091099091091099092/Hotel-New-Hampshire-by-John-Irving.pdf
- http://loaminoo.linkpc.net/7093099097093091/Hotel-New-Hampshire-by-John-Irving.pdf
- http://loaminoo.linkpc.net/7094098091092094/Le-Monde-selon-Garp-L-H-tel-New-Hampshire-Un-enfant-de-la-balle-by-John-Irving.pdf
- http://loaminoo.linkpc.net/7097098098098094/Tokio-Hotel-Album-de-Tokio-Hotel-Chanson-de-Tokio-Hotel-Tournee-de-Tokio-Hotel-1000-Hotels-World-Tour-Welcome-to-Humanoid-City-Tour-Zimmer-483-Tour-Bill-Kaulitz-Tournees-de-Tokio-Hotel-Scream-Recompenses-de-Tokio-Hotel-by-Source-Wikipedia.pdf
- http://loaminoo.linkpc.net/7097098098098090/Tokio-Hotel-Album-de-Tokio-Hotel-Chanson-de-Tokio-Hotel-Tournee-de-Tokio-Hotel-1000-Hotels-World-Tour-Welcome-to-Humanoid-City-Tour-by-Livres-Groupe.pdf
- http://loaminoo.linkpc.net/3094093091091/Until-I-Find-You-by-John-Irving.pdf
- http://loaminoo.linkpc.net/1098099099097/In-One-Person-by-John-Irving.pdf
- http://loaminoo.linkpc.net/1098097092099090/The-Imaginary-Girlfriend-by-John-Irving.pdf
- http://loaminoo.linkpc.net/9097099098093094/The-World-According-To-Garp-by-John-Irving.pdf
- http://loaminoo.linkpc.net/3098091090091099/The-World-According-to-Garp-by-John-Irving.pdf
- http://loaminoo.linkpc.net/2097092099094093/The-World-According-to-Garp-by-John-Irving.pdf
- http://loaminoo.linkpc.net/4090091092095091/The-World-According-to-Garp-by-John-Irving.pdf
- http://loaminoo.linkpc.net/4090099096094/The-Fourth-Hand-by-John-Irving.pdf
- http://loaminoo.linkpc.net/3096092093092094/The-World-According-to-Garp-by-John-Irving.pdf
- http://loaminoo.linkpc.net/6091094096099094/En-b-n-f-r-Owen-Meany-by-John-Irving.pdf
- http://loaminoo.linkpc.net/2098096090097094/The-Cider-House-Rules-by-John-Irving.pdf
- http://loaminoo.linkpc.net/3092093093092/The-Cider-House-Rules-by-John-Irving.pdf
- http://loaminoo.linkpc.net/7096091091099092/La-Petite-Amie-imaginaire-by-John-Irving.pdf
- http://loaminoo.linkpc.net/4090091091093097/A-Prayer-for-Owen-Meany-by-John-Irving.pdf
- http://loaminoo.linkpc.net/7097098098098090/Tokio-Hotel-Album-de-Tokio-Hotel-Chanson-de-Tokio-Hotel-Tournee-de-Tokio-Hotel-1000-Hotels-World-Tour-Welcome-to-Humanoid
Open this report in the interactive analyzer, or submit your own file for analysis.