MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF contains a large number of embedded links to external PDF files hosted on the `cmeinasaoo.duckdns.org` domain. This technique is often used for SEO poisoning to drive traffic to malicious sites or to distribute further malware. The ML classifier strongly indicated maliciousness, and the PDF_SEO_LINK_FARM heuristic confirms the suspicious link distribution.
Machine Learning
- Nyx PDF Classifier malicious score 0.9942
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cmeinasaoo.duckdns.org/1b20b29b23b26b25b27/Bauwerk-in-Munster-Westfalen-Baudenkmal-in-Munster-Westfalen-Gymnasium-in-Munster-Westfalen-Kirchengebaude-in-Munster-by-Quelle-Wikipedia.pdf
- http://cmeinasaoo.duckdns.org/1b20b29b23b28b25b29/Religion-in-Munster-Westfalen-Judentum-in-Munster-Westfalen-Kirchengebaude-in-Munster-Westfalen-St--Paulus-Dom-St--Mauritz-Kirche-by-Quelle-Wikipedia.pdf
- http://cmeinasaoo.duckdns.org/1b20b29b23b25b29b26/Skulptur-Projekte-Munster-07-Public-Sculpture-Skulptur-Projekte-Munster-07-by-Kasper-K-nig.pdf
- http://cmeinasaoo.duckdns.org/9b21b24b25b28b20/King-Lear---Classic-Version-Annotated-Quotes-Other-Features-by-William-Shakespeare.pdf
- http://cmeinasaoo.duckdns.org/7b27b24b20b24b29/King-Lear---The-Annotated-Edition-including-the-classic-A-C-Bradley-lectures-by-William-Shakespeare.pdf
- http://cmeinasaoo.duckdns.org/3b27b22b28b28b20/DC-Super-Hero-Girls-Vol-1-Finals-Crisis-by-Shea-Fontana.pdf
- http://cmeinasaoo.duckdns.org/1b21b27b20b20b26b29/Trading-Paint-Dale-Earnhardt-Vs-Jeff-Gordon-Classic-Photos-from-a-Classic-Rivalry-by-Mark-Bechtel.pdf
- http://cmeinasaoo.duckdns.org/3b23b21b29b25b26/The-Haw-Lantern-by-Seamus-Heaney.pdf
- http://cmeinasaoo.duckdns.org/1b21b24b24b23b22/Ann-and-Seamus-by-Kevin-Major.pdf
- http://cmeinasaoo.duckdns.org/1b29b28b20b26b27/Station-Island-by-Seamus-Heaney.pdf
- http://cmeinasaoo.duckdns.org/1b20b25b25b20b23/District-and-Circle-by-Seamus-Heaney.pdf
- http://cmeinasaoo.duckdns.org/3b28b24b28b22b23/Bitter-Oranges-by-Seamus-O-39-Connor.pdf
- http://cmeinasaoo.duckdns.org/3b28b24b28b21b20/Sweeney-s-Flight-by-Seamus-Heaney.pdf
- http://cmeinasaoo.duckdns.org/1b23b28b27b21b29/Sweeney-Astray-by-Seamus-Heaney.pdf
- http://cmeinasaoo.duckdns.org/3b26b25b23b23/Reading-in-the-Dark-by-Seamus-Deane.pdf
- http://cmeinasaoo.duckdns.org/1b21b28b27b20b27b21/Anne-of-Green-Gables-the-Children-s-Classic-Novel-by-Lucy-Maud-Montgomery-Classic-Books-by-L-M-Montgomery.pdf
- http://cmeinasaoo.duckdns.org/1b20b29b23b27b22b24/The-Vikings-in-Munster-by-Tom-Birkett.pdf
- http://cmeinasaoo.duckdns.org/7b21b22b21b22b28/Seamus-Tripp-amp-the-Sword-of-Orion-by-Jon-Garett.pdf
- http://cmeinasaoo.duckdns.org/1b20b29b23b25b21b26/Munster-Village-by-Mary-Hamilton.pdf
- http://cmeinasaoo.duckdns.org/1b20b29b23b25b29b20/The-Old-Munster-Circuit-by-Maurice-Healy.pdf
- http://cmeinasaoo.duckdns.org/7b27b24b20b24b29/King-Lear---The-Annotated-Edition-including-the-classic-A-C-Bradley-le
Open this report in the interactive analyzer, or submit your own file for analysis.