MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
The PDF contains a large number of embedded links to external PDF files, all hosted on the domain 'loaminoo.linkpc.net'. This heuristic firing, combined with the ML classifier's high confidence, indicates a likely attempt to direct users to malicious content. No scripts were extracted from this sample. The document body was heavily corrupted, but the embedded URLs were still recoverable.
Machine Learning
- Nyx PDF Classifier malicious score 0.9891
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc.net/2098097099093095/Hugger-Mugger-Spenser-27-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/4091091090096095/Potshot-Spenser-28-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/3099091093091090/Playmates-Spenser-16-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/3096091099098092/Playmates-Spenser-16-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/2093090098097090/Painted-Ladies-Spenser-38-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/9090090095098/Mortal-Stakes-Spenser-3-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/3099090096098097/Robert-B-Parker-s-Wonderland-Spenser-41-by-Ace-Atkins.pdf
- http://loaminoo.linkpc.net/3090093097097099/School-Days-Spenser-33-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/4099091098094097/The-Judas-Goat-Spenser-5-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/8099098092095/The-Godwulf-Manuscript-Spenser-1-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/4093096092098/The-Widening-Gyre-Spenser-10-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/2093093092094096/Early-Autumn-Spenser-7-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/9094097091090096/Der-gute-Terrorist-Ein-Auftrag-f-r-Spenser-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/3093097091095099/Robert-B-Parker-s-Little-White-Lies-Spenser-45-by-Ace-Atkins.pdf
- http://loaminoo.linkpc.net/1090093099092093092/Brutale-Wahrheit-Ein-Auftrag-f-r-Spenser-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/8093099097093093/Robert-B-Parker-s-Cheap-Shot-Spenser-42-by-Ace-Atkins.pdf
- http://loaminoo.linkpc.net/6091092091097096/Finale-im-Herbst-Ein-Auftrag-f-r-Spenser-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/1096095098093097/Hundred-Dollar-Baby-Spenser-34-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/1090093099092092099/Beute-f-r-Profis-Ein-Auftrag-f-r-Spenser-Band-4-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/1090093099092093094/Candy-Sloan-und-die-Dunkelm-nner-Ein-Auftrag-f-r-Spenser-Band-8-by-Robert-B-Parker.pdf
- http://loaminoo.linkpc.net/9094097091090096/Der-gute-Terro
Open this report in the interactive analyzer, or submit your own file for analysis.