MALICIOUS
64
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link
The PDF document contains a large number of external links, many of which point to other PDF files, suggesting a link farm designed to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' indicates a high volume of generated links, and 'PDF_URI' points to a specific suspicious URL that likely serves as a download point for malware. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier clean score 0.0057
Heuristics 3
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://xtraserp.com/SU1BUENoZWNrSU1/alliedhighschool=ZG93bmxvYWR8WmsxTW1scmFueDhNVFkxTmpnNU1qTTFNbng4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/carpooling/mutilated.snorting
- https://itsupportnetwork.com/convert-xls-crack-2022-latest/
- https://ontimewld.com/upload/files/2022/07/9oljWe65cay985KVMBSn_04_05d82d83fb9067702a0e0f7d54be76f5_file.pdf
- http://op-immobilien.de/?p=9368
- https://aapanobadi.com/2022/07/04/syncml-client-for-ms-outlook-crack-activation-code-free-download-2022-latest/
- http://www.jrwarriorssc.com/wp-content/uploads/2022/07/maynqui.pdf
- https://ig-link.com/arlequin-crack-activation-free-for-pc/
- http://fritec-doettingen.ch/wp-content/uploads/2022/07/Evernote2Onenote__Crack__Download_For_Windows_Latest.pdf
- https://www.apokoronews.gr/advert/bohemian-typewriter-x64/
- https://ak-asyl-mgh.de/advert/quickset-internet-zone-for-pc/
- https://streetbazaaronline.com/wp-content/uploads/2022/07/Simply_Modbus_TCP__Crack___Download_WinMac_Updated2022.pdf
- https://socialmentoor.com/wp-content/uploads/2022/07/funrej.pdf
- http://www.strelkabrno.cz/advert/ip2location-lookup-tool-with-registration-code-win-mac-2022/
- https://cuteteddybearpuppies.com/2022/07/guifloatsign-free/
- http://cyclades.in/en/?p=87655
- https://sjbparishnaacp.org/wp-content/uploads/2022/07/EZ_Reg_Editor__Crack___Activation_Code_Free_Download_X64.pdf
- https://www.fairhaven-ma.gov/sites/g/files/vyhlif7541/f/uploads/records_access-_retirement.pdf
- https://rednails.store/blu-ray-disc-ripper-crack-free-updated-2022/
- https://med-smi.com/��������-��������������/
- http://go-premiums.com/wp-content/uploads/2022/07/foo_browser.pdf
- https://www.bigdawgusa.com/mathomatic-with-license-code-free-download-win-mac-2022/
- https://ontimewld.com/upload/files/2022/07/9oljWe65cay985KVMBSn_04_05d82d83fb9067702a0e0f7d54be76f
- https://aapanobadi.com/2022/07/04/syncml-client-for-ms-outlook-crack-activation-code-free-
- http://fritec-doettingen.ch/wp-
- https://streetbazaaronline.com/wp-
- https://sjbparishnaacp.org/wp-
- https://med-smi.com/���������������-���������������������������/
- http://www.tcpdf.org
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/mm/
- http://www.aiim.org/pdfa/ns/extension/
- http://www.aiim.org/pdfa/ns/schema#
- http://www.aiim.org/pdfa/ns/property#
- http://www.aiim.org/pdfa/ns/id/
Open this report in the interactive analyzer, or submit your own file for analysis.