MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.001 PowerShell
The PDF document contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. While the document body itself is heavily obfuscated, the presence of numerous links suggests an attempt to manipulate search engine results or distribute further malicious content. The ML_NYX_PDF_MALICIOUS classifier also strongly indicated maliciousness. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9880
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://xiixmcuin.linkpc.net/1206207208200206/Lucifer-Volume-1-Cold-Heaven-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/5200202205204204/The-Chronicles-of-Lucifer-Jones-Volume-I----1922-1926-Adventures-The-Chronicles-of-Lucifer-Jones-1-by-Mike-Resnick.pdf
- http://xiixmcuin.linkpc.net/2206203209205209/Flight-to-Heaven-A-Plane-Crash-a-Lone-Survivor-a-Journey-to-Heaven--And-Back-by-Dale-Black.pdf
- http://xiixmcuin.linkpc.net/3201206204205200/The-Wreck-of-Heaven-The-World-Gates-2-by-Holly-Lisle.pdf
- http://xiixmcuin.linkpc.net/6204208207200200/The-Ice-Cold-Heaven-by-Mirko-Bonn-.pdf
- http://xiixmcuin.linkpc.net/4200201205209204/Dawn-Volume-1-Lucifer-s-Halo-by-Joseph-Michael-Linsner.pdf
- http://xiixmcuin.linkpc.net/4203206205206202/This-Cold-Heaven-Seven-Seasons-in-Greenland-by-Gretel-Ehrlich.pdf
- http://xiixmcuin.linkpc.net/2203205207203200/The-Queen-of-Nothing-The-Folk-of-the-Air-3-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/2204204202207209/Doll-Bones-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/2201208200200203/Doll-Bones-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/1203205201202208/The-Copper-Gauntlet-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/4202200204206209/Red-Glove-Curse-Workers-2-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/7202207204204/The-Darkest-Part-of-the-Forest-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/4209204202202203/White-Cat-Curse-Workers-1-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/2202208200205200/Kith-The-Good-Neighbors-2-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/1202200208200209/White-Cat-Curse-Workers-1-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/6206200208/The-Silver-Mask-Magisterium-4-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/3207204207203202/Kind-The-Good-Neighbors-3-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/7201206209/The-Cruel-Prince-The-Folk-of-the-Air-1-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/9200203204/The-Lost-Sisters-The-Folk-of-the-Air-1-5-by-Holly-Black.pdf
- http://xiixmcuin.linkpc.net/220
Open this report in the interactive analyzer, or submit your own file for analysis.