MALICIOUS
Risk Score: 64
Malware Insights
MITRE ATT&CK
- T1566.002 Spearphishing Attachment
- T1204.002 Malicious Link
- T1059.001 PowerShell
The PDF document contains a large number of external links, many of which point to potentially malicious or low-reputation websites. The heuristic 'PDF_SEO_LINK_FARM' indicates a deliberate attempt to create a link farm, likely to distribute malware or engage in SEO manipulation. The embedded URL 'http://evacdir.com/...' is a primary indicator of a malicious redirect or download attempt.
Machine Learning
- Nyx PDF Classifier clean score 0.0280
Heuristics 3
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL: http://evacdir.com/ZG93bmxvYWR8ajVaTnpnd2JYeDhNVFkxTkRjNE1EZzNPWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/decapitated/employess/TGljem5payA0OGETGl=glocker&palkra=harald&vauxcelles=holism
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
| stream_003_off00001b8c.bin a217f12862e0ff75203bdd4136ca0d68471050be46bb09aed5306898926ffdd4 | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x1B8C | 120140 bytes |