MALICIOUS
90
Risk Score
Malware Insights
MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell
The PDF file was flagged by a machine learning classifier as malicious and contains a large number of embedded external links. The heuristic 'PDF_SEO_LINK_FARM' indicates that these links are likely part of a link farm, designed to redirect users to potentially harmful websites or phishing pages. No scripts were extracted from this sample, but the extensive link farm suggests a social engineering attack aimed at luring users to malicious content.
Machine Learning
- Nyx PDF Classifier malicious score 0.9790
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://easckaolp.myhome.cx/1841840849849841849/Die-Wunden-Des-Staates-Kriegsopfer-Und-Sozialstaat-in-Osterreich-1914-1938-by-Verena-Pawlowsky.pdf
- http://easckaolp.myhome.cx/1841841849843844844/Der-Romische-Limes-in-Osterreich-Fuhrer-Zu-Den-Archaologischen-Denkmalern-by-Verena-Gassner.pdf
- http://easckaolp.myhome.cx/1841848849846841842/Fernsehsendung-Osterreich-Musikantenstadl-Pop-Around-the-Clock-Wetten-Dass-Wickie-Slime-amp-Paiper-Willkommen-Osterreich-by-Quelle-Wikipedia.pdf
- http://easckaolp.myhome.cx/1841842847844842849/Jakobsweg-in-Osterreich-Wege-Der-Jakobspilger-Jakobsweg-Weinviertel-Jakobsweg-Osterreich-Sudosterreichischer-Jakobsweg-by-Quelle-Wikipedia.pdf
- http://easckaolp.myhome.cx/9841849840846841/Im-Namen-des-Staates-d-Begr-ndung-d-Staatsraison-in-d-fr-hen-Neuzeit-by-Herfried-M-nkler.pdf
- http://easckaolp.myhome.cx/1841840849843847843/Wunden-k-nnen-heilen-by-Aliehs-Ich.pdf
- http://easckaolp.myhome.cx/1841840849844848841/Chronische-Wunden-Beurteilung-und-Behandlung-by-Susanne-Danzer.pdf
- http://easckaolp.myhome.cx/1841840849847843840/Vererbte-Wunden-Transgenerationale-Weitergabe-traumatischer-Erfahrungen-by-Marianne-Rauwald.pdf
- http://easckaolp.myhome.cx/1841840849847847842/Der-Herbst-heilt-alle-Wunden-Willkommen-in-Sanctuary-4-by-Cooper-McKenzie.pdf
- http://easckaolp.myhome.cx/1841840849847848844/Von-den-Wunden-des-Herzens-Wegbegleiter-durch-Zeiten-der-Depression-by-Jean-Vanier.pdf
- http://easckaolp.myhome.cx/1841840849844846847/Alte-Wunden-heilen-nicht-Jaymie-Zarlin-by-Karen-Keskinen.pdf
- http://easckaolp.myhome.cx/9847841845840840/Vineland-Historical-and-Antiquarian-Society-Annual-Report-for-the-Year-Ending-October-13-1914-Proceedings-at-the-Fiftieth-Anniversary-of-the-Society-1864-1914-by-Vineland-Historical.pdf
- http://easckaolp.myhome.cx/1841840849849842844/Alte-Wunden-Commissaire-Muller-ermittelt-wieder-im-Elsass-by-Yves-Jean-Plassner.pdf
- http://easckaolp.myhome.cx/1840841842846845843/Saying-Goodbye-to-Verena-by-Ivy-Turow.pdf
- http://easckaolp.myhome.cx/1840841842846845847/Balik-Kampung-by-Verena-Tay.pdf
- http://easckaolp.myhome.cx/1840841842848844841/Balik-Kampung-2B-Contemplations-by-Verena-Tay.pdf
- http://easckaolp.myhome.cx/1841842848848844844/Mein-Nachbar-der-Million-r-by-Verena-Bergmeier.pdf
- http://easckaolp.myhome.cx/1841849845848848846/Das-Gl-ck-in-wei-en-N-chten-by-Verena-Rabe.pdf
- http://easckaolp.myhome.cx/1840840840845844842/Susi-will-ein-Krampus-sein-by-Verena-J-rgo.pdf
- http://easckaolp.myhome.cx/9842842849848846/Geile-Fickspiele-mit-der-G-rtnerin-by-Verena-Mannsfeld.pdf
- http://easckaolp.myhome.cx/1841842847844842849/Jakobsweg-in-Osterreich-Wege-Der-Jakobspilger-Jakobsweg-Weinviertel-Jakobsw
Open this report in the interactive analyzer, or submit your own file for analysis.