MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, pointing to various book titles hosted on loaminoo.linkpc.net. While the individual links are marked as benign, the sheer volume and structure suggest a malicious intent, possibly for SEO poisoning or to serve as a landing page for further malicious activity. The ML_NYX_PDF_MALICIOUS classifier also flagged this PDF with high confidence.
Machine Learning
- Nyx PDF Classifier malicious score 0.8905
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc
- http://loaminoo.linkpc.net/8099094090092/Queen-s-Own-Fool-Stuart-Quartet-1-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/4094096098096099/The-Rogues-Stuart-Quartet-4-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/1095090099091090/Queen-s-Own-Fool-A-Novel-of-Mary-Queen-of-Scots-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/1095093095099095/Except-the-Queen-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/6099098096095/Owl-Moon-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/6096099091091/The-Complete-Tawny-Man-Trilogy-Fool-s-Errand-The-Golden-Fool-Fool-s-Fate-by-Robin-Hobb.pdf
- http://loaminoo.linkpc.net/1094093098098097/How-Do-Dinosaurs-Go-to-School-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/3097094092096091/The-Magic-Three-of-Solatia-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/3098091097090096/Pumpkin-Baby-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/3090094097097099/Hush-Little-Horsie-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/1098095096099096/The-Magic-Three-of-Solatia-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/2096094090090/Dragonfield-and-Other-Stories-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/4098090096094092/Sleeping-Ugly-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/1090092090092096099/Afternoon-of-a-Faun-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/1097099092097096/Waking-Dragons-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/4096092098091094/The-Transfigured-Hart-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/2092098093096096/How-Do-Dinosaurs-Say-I-Love-You-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/2091098095099099/Wizard-s-Hall-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/2097099094099/No-Bath-Tonight-by-Jane-Yolen.pdf
- http://loaminoo.linkpc.net/5090098091098090/Here-s-a-Little-Poem-A-Very-First-Book-of-Poetry-by-Jane-Yolen.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.