MALICIOUS
104
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
T1204.002 Malicious Link
The PDF contains a significant number of external links, many of which point to other PDF files, indicating a link farm designed to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' strongly suggests this malicious intent. The presence of multiple URLs, including one that appears to be a download link for a cracked software component, further supports the malicious classification.
Machine Learning
- Nyx PDF Classifier clean score 0.0086
Heuristics 4
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
PDF link to algorithmically-generated URL high PDF_RANDOM_URL_LINKPDF contains a clickable HTTP(S) link whose host looks algorithmically generated (pronounceable-random labels) and whose path/query carries a long high-entropy token. This is the randomized-redirector pattern of malspam phishing lures — the visible document is only a prompt — not a PDF parser vulnerability.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://findinform.com/inflate/geosafari/MiBmYXN0IDIgZnVyaW91cyAxMDgwcCB5aWZ5IHRvcnJlbnQMiB/ZG93bmxvYWR8V0o0Wm5Cbk4zeDhNVFkxTnpBMk56RTFOSHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/?subparts=cholesterolosis
- https://www.myai-world.com/adobe-acrobat-reader-11-pro-crack-amtlib-dll-repack/
- http://dragonsecho.com/?p=9857
- https://paydayplus.net/system/files/webform/hd-online-player-kylie-freeman-vicky-videos.pdf
- http://autocracymachinery.com/?p=30332
- https://wanaly.com/upload/files/2022/07/MmwvbnQrTMcG7saoEKr3_06_113710f8d70683b400e420b9f7ebe04d_file.pdf
- https://trevelia.com/upload/files/2022/07/wErlfGCdQffLdziwyDIN_06_9f6da442a5f7af8174b5f4215058da4e_file.pdf
- https://mentorus.pl/ankilozan-spondilit-egzersizleri-resimli-pdf-free-verified/
- https://www.almaluxjesolo.it/web-commerce-technology-handbook-pdf-download-install/
- http://www.studiofratini.com/castle-story-32-bit-crack-upd/
- https://seoburgos.com/download-best-film-wu-xia-donnie-yen-movie/
- https://www.opticnervenetwork.com/wp-content/uploads/2022/07/savtal.pdf
- https://agisante.com/sites/default/files/webform/jybodivi789.pdf
- https://www.vuturegaming.com/wp-content/uploads/2022/07/AutoCAD_LT_2009_32_Bit_x86_English_Keygen.pdf
- https://cegcreative.com/2022/07/06/fix-it-felix-jr-genesis-rom-23/
- https://www.wangfuchao.com/wp-content/uploads/2022/07/amblheme.pdf
- http://topfleamarket.com/?p=31001
- https://repliquetees.com/advert/air-gear-24-25-dvdrip-vf-vostfr-oav-vostfr/
- https://nearbyhostels.com/wp-content/uploads/2022/07/FaceFilter_PRO_304_Crack_FREE_Download_BEST.pdf
- https://wanaly.com/upload/files/2022/07/MmwvbnQrTMcG7saoEKr3_06_113710f8d70683b400e420b9f7ebe04
- https://trevelia.com/upload/files/2022/07/wErlfGCdQffLdziwyDIN_06_9f6da442a5f7af8174b5f4215058da4e_file
- https://www.vuturegaming.com/wp-
- http://rianeca.yolasite.com/resources/Contohkasusleaderlessgroupdiscussionpdf.pdf
- https://trello.com/c/pcMyVyBM/125-la-brujula-dorada-1080p-castellano-15-hot
- http://www.tcpdf.org
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/mm/
- http://www.aiim.org/pdfa/ns/extension/
- http://www.aiim.org/pdfa/ns/schema#
- http://www.aiim.org/pdfa/ns/property#
- http://www.aiim.org/pdfa/ns/id/
Open this report in the interactive analyzer, or submit your own file for analysis.