MALICIOUS
Risk Score: 104
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF document contains a large number of external links, many of which point to what appear to be cracked software or other potentially unwanted content. The heuristic 'PDF_SEO_LINK_FARM' indicates a deliberate attempt to create a link farm, likely to distribute malware or engage in SEO manipulation. The 'SE_PASSWORD_ARCHIVE_LURE' heuristic suggests that the document may be intended to trick users into believing they need a password to access an archive, a common tactic for hiding malicious payloads.
Machine Learning
- Nyx PDF Classifier clean score 0.0229
Heuristics 4
- Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM): Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
- Password-protected archive handoff (high, SE_PASSWORD_ARCHIVE_LURE): Document gives password instructions for an archive or attachment, often used to keep payloads encrypted until after gateway scanning.
- External URI (info, PDF_URI): PDF contains an external URL action.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.