MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF contains a large number of embedded URLs pointing to a single domain, characteristic of a link farm or redirection scheme. The ML classifier strongly indicated maliciousness. The primary attack pattern involves directing users to a potentially malicious collection of external PDF files, likely as a lure or to distribute further malware. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9912
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://tanceubio.myhome.cx/23d03d93d33d63d6/Doctor-Who-The-Official-Annual-2011-by-Moray-Laing.pdf
- http://tanceubio.myhome.cx/13d13d63d13d23d03d4/Doctor-Who-The-Official-Annual-2007-by-Jacqueline-Rayner.pdf
- http://tanceubio.myhome.cx/23d03d83d83d43d4/Doctor-Who-The-Official-Annual-2012-by-Justin-Richards.pdf
- http://tanceubio.myhome.cx/43d93d03d83d23d6/The-Official-Quotable-Doctor-Who-The-Wit-and-Wisdom-of-Doctor-Who-by-Cavan-Scott.pdf
- http://tanceubio.myhome.cx/33d13d33d33d73d9/Beast-Quest-Annual-2011-by-Adam-Blade.pdf
- http://tanceubio.myhome.cx/33d13d23d93d93d5/The-Adventures-of-Merlin-The-Official-Annual-2010-by-Various.pdf
- http://tanceubio.myhome.cx/63d23d23d83d73d8/The-Doctor-Who-Annual-1974-by-Edgar-Hodges.pdf
- http://tanceubio.myhome.cx/33d73d43d63d93d9/Doctor-Strange-2015--Annual-1-by-Kathryn-Immonen.pdf
- http://tanceubio.myhome.cx/43d03d83d03d53d8/Advanced-Communication-And-Networking-International-Conference-Acn-2011-Brno-Czech-Republic-August-15-17-2011-Proceedings-by-Tai-Hoon-Kim.pdf
- http://tanceubio.myhome.cx/13d13d23d63d93d63d1/Mippr-2011-Pattern-Recognition-and-Computer-Vision-4-6-November-2011-Guilin-China-by-Society-of-Photo-optical-Instrumentation-Engineers.pdf
- http://tanceubio.myhome.cx/13d03d93d13d83d23d3/Database-Systems-for-Advanced-Applications-16th-International-Conference-DASFAA-2011-Hong-Kong-China-April-22-25-2011-Proceedings-Part-II-by-Jeffrey-Xu-Yu.pdf
- http://tanceubio.myhome.cx/43d03d23d73d73d3/The-Doctor-s-New-Boy-and-Doctor-s-Orders-Books-One-and-Two-The-Dominant-Doctor-Book-1-by-Sammy-D-Adams.pdf
- http://tanceubio.myhome.cx/63d23d43d53d53d1/Image-Analysis-And-Recognition-8th-International-Conference-Iciar-2011-Burnaby-Bc-Canada-June-22-24-2011-Proceedings-Part-Ii-Lecture-Notes-Vision-Pattern-Recognition-And-Graphics-by-Mohamed-Kamel.pdf
- http://tanceubio.myhome.cx/23d93d43d63d93d7/Doctor-Who-The-Road-to-the-Thirteenth-Doctor-3-The-Twelfth-Doctor-by-James-Peaty.pdf
- http://tanceubio.myhome.cx/83d73d23d93d73d1/Rising-of-the-Lark-by-Ann-Moray.pdf
- http://tanceubio.myhome.cx/13d03d93d13d83d23d0/Database-Systems-for-Advanced-Applications-16th-International-Conference-DASFAA-2011-International-Workshops-GDB-SIM3-FlashDB-SNSMW-DaMEN-DQIS-Hong-Kong-China-April-22-25-2011-Proceedings-by-Jianliang-Xu.pdf
- http://tanceubio.myhome.cx/53d03d93d33d23d7/The-Official-History-of-Britain-and-the-Channel-Tunnel-Government-Official-History-Series-by-Terry-Gourvish.pdf
- http://tanceubio.myhome.cx/23d03d43d63d53d4/Shield-of-Kronos-The-Great-Knights-of-de-Moray-1-by-Kathryn-Le-Veque.pdf
- http://tanceubio.myhome.cx/83d13d23d53d23d3/Pok-mon-X-amp-Pok-mon-Y-The-Official-Kalos-Region-Guidebook-The-Official-Pok-mon-Strategy-Guide-by-Stephen-Stratton.pdf
- http://tanceubio.myhome.cx/83d93d13d6/Crudo-by-Olivia-Laing.pdf
- http://tanceubio.myhome.cx/43
Open this report in the interactive analyzer, or submit your own file for analysis.