MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a large number of embedded URLs, identified as a link farm. These URLs likely lead to further malicious content or phishing pages. The ML classifier strongly indicated maliciousness, supporting the heuristic finding of a PDF SEO link farm.
Machine Learning
- Nyx PDF Classifier malicious score 0.9925
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc.net/5092095097096094/Harry-Potter-and-the-Goblet-of-Fire---Harry-Potter-dan-Piala-Api-Harry-Potter-4-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/4097090092092099/Harry-Potter-and-the-Goblet-of-Fire-Harry-Potter-4-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/2094095091099/Harry-Potter-and-the-Goblet-of-Fire-Harry-Potter-4-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/5092095097091099/Harry-Potter-and-the-Sorcerer-s-Stone---Harry-Potter-dan-Batu-Bertuah-Harry-Potter-1-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3097098092097097/Harry-Potter-and-the-Half-Blood-Prince-Harry-Potter-6-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/5096098098098096/Harry-Potter-und-der-Gefangene-von-Askaban-German-Audio-CD-11-Compact-Discs-Edition-of-quot-Harry-Potter-and-the-Prisoner-of-Azkaban-quot-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/2093095097099095/Harry-Potter-and-the-Chamber-of-Secrets-Harry-Potter-2-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/6090099097093/Harry-Potter-and-the-Chamber-of-Secrets-Harry-Potter-2-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/6097090092096/Harry-Potter-and-the-Chamber-of-Secrets-Harry-Potter-2-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3095092098098093/Harry-Potter-and-the-Philosopher-s-Stone-Harry-Potter-1-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/8092095095091/Harry-Potter-and-the-Order-of-the-Phoenix-Harry-Potter-5-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3095093094090/Harry-Potter-and-the-Chamber-of-Secrets-Harry-Potter-2-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3091099094099093/Harry-Potter-and-the-Philosopher-s-Stone-Harry-Potter-1-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3098097095094/Harry-Potter-and-the-Chamber-of-Secrets-Harry-Potter-2-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/6090097095093092/Harry-Potter-and-the-Deathly-Hallows-Harry-Potter-7-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/6090097094095098/Harry-Potter-and-the-Philosopher-s-Stone-Harry-Potter-1-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3095097097097/Harry-Potter-and-the-Deathly-Hallows-Harry-Potter-7-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3091093095097090/Harry-Potter-and-the-Chamber-of-Secrets-Harry-Potter-2-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/5098091096090097/Harry-Potter-and-the-Philosopher-s-Stone-Harry-Potter-1-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/3097096098092096/Harry-Potter-and-the-Order-of-the-Phoenix-Harry-Potter-5-by-J-K-Rowling.pdf
- http://loaminoo.linkpc.net/5096098098098096/Harry-Potter-und-der-Gefangene-von-Askaban-German-Audio-CD-11-Compact-Discs-Edition-of-quot-Harry-Potter-and-the-Prisoner-of
Open this report in the interactive analyzer, or submit your own file for analysis.