MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF file contains a large number of embedded URLs, identified as a PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious with high confidence. The embedded URLs, such as http://loaminoo.linkpc.net/3095094090098094/Witches-Rings-by-Kerstin-Ekman.pdf, are likely used to direct users to malicious sites or for SEO poisoning. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9920
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://loaminoo.linkpc.net/3095094090098094/Witches-Rings-by-Kerstin-Ekman.pdf
- http://loaminoo.linkpc.net/2094092097090099/The-Dog-by-Kerstin-Ekman.pdf
- http://loaminoo.linkpc.net/5091092092092091/The-Spring-by-Kerstin-Ekman.pdf
- http://loaminoo.linkpc.net/2092092098093091/Bored-of-the-Rings-A-Parody-of-J-R-R-Tolkien-s-Lord-of-the-Rings-by-The-Harvard-Lampoon.pdf
- http://loaminoo.linkpc.net/2093093095096097/Witches-With-the-Enemy-Mist-Torn-Witches-3-by-Barb-Hendee.pdf
- http://loaminoo.linkpc.net/3093096093090/Witches-Abroad-Discworld-12-Witches-3-by-Terry-Pratchett.pdf
- http://loaminoo.linkpc.net/4096097098098093/Witches-in-Red-A-Novel-of-the-Mist-Torn-Witches-by-Barb-Hendee.pdf
- http://loaminoo.linkpc.net/3094096092095090/Witches-in-Red-Mist-Torn-Witches-2-by-Barb-Hendee.pdf
- http://loaminoo.linkpc.net/8097090099096092/Grendel-s-Game-Walther-Ekman-1-by-Erik-Mauritzson.pdf
- http://loaminoo.linkpc.net/1091090093093091090/Clarence-Goes-Out-West-amp-Meets-a-Purple-Horse-by-Jean-Ekman-Adams.pdf
- http://loaminoo.linkpc.net/1098092097096099/War-of-the-Witches-War-of-the-Witches-1-by-Maite-Carranza.pdf
- http://loaminoo.linkpc.net/3093099096090094/The-Lord-of-the-Rings-The-Lord-of-the-Rings-1-3-by-J-R-R-Tolkien.pdf
- http://loaminoo.linkpc.net/3095099091093094/The-Lord-of-the-Rings-The-Lord-of-the-Rings-1-3-by-J-R-R-Tolkien.pdf
- http://loaminoo.linkpc.net/8093097095094091/Winx-Club---Enemies-Gallery-Witches-Anagan-Ancestral-Witches-Army-of-Darkness-Belladone-Cassandra-Chimera-Darcy-Darko-Darma-Diaspro-Duman-Gantlos-Hunter-Troll-Icy-Karborg-Lord-Darkar-Lysslis-Mandragora-Mitzi-Ogron-by-Source-Wikia.pdf
- http://loaminoo.linkpc.net/3094097094090090/To-Kill-a-Kettle-Witch-A-Novel-of-the-Mist-Torn-Witches-Mist-Torn-Witches-4-by-Barb-Hendee.pdf
- http://loaminoo.linkpc.net/1098094093095095/The-Whitby-Witches-The-Whitby-Witches-1-by-Robin-Jarvis.pdf
- http://loaminoo.linkpc.net/4090093091093099/The-Belfry-Witches-Fly-Again-The-Belfry-Witches-4-6-by-Kate-Saunders.pdf
- http://loaminoo.linkpc.net/5091094099/Wisteria-Witches-Wisteria-Witches-1-by-Angela-Pepper.pdf
- http://loaminoo.linkpc.net/4090097092094090/Night-of-the-Witches-The-Bocor-Night-of-the-Witches-2-by-Don-Festge.pdf
- http://loaminoo.linkpc.net/4091098097091091/Yamada-kun-and-the-Seven-Witches-Vol-01-Yamada-kun-and-the-Seven-Witches-1-by-Miki-Yoshikawa.pdf
- http://loaminoo.linkpc.net/309509909
Open this report in the interactive analyzer, or submit your own file for analysis.