MALICIOUS
92
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains a large number of embedded links pointing to external PDF files hosted on the domain 'cefasfese.4pu.com'. This behavior is indicative of a link farm or a lure to a malicious site, as flagged by the PDF_SEO_LINK_FARM heuristic. The ML classifier also strongly indicated maliciousness. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.9811
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cefasfese.4pu.com/2737733732739/The-Bone-Flute-by-Lisa-Tuttle.pdf In PDF document text
- http://cefasfese.4pu.com/4732735739736734/Ghosts-amp-Other-Lovers-by-Lisa-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/1730735734737736735/Skin-of-the-Soul-by-Lisa-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/1737739736737739/Gabriel-s-Revenge-The-Adventures-of-Gabriel-Celtic-2-by-J-T-Lewis.pdfIn PDF document text
- http://cefasfese.4pu.com/1730731737736/Gabriel-s-Redemption-Gabriel-s-Inferno-3-by-Sylvain-Reynard.pdfIn PDF document text
- http://cefasfese.4pu.com/1737734735732730/Gabriel-Stone-and-the-Wrath-of-the-Solarians-Gabriel-Stone-2-by-Shannon-Duffy.pdfIn PDF document text
- http://cefasfese.4pu.com/2734733738736731/Gabriel-Stone-and-the-Divinity-of-Valta-Gabriel-Stone-1-by-Shannon-Duffy.pdfIn PDF document text
- http://cefasfese.4pu.com/3738735733737734/The-Markhat-Files-by-Frank-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/3732736735739731/Passing-the-Narrows-by-Frank-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/2737737738732734/Paisley-Hanover-Acts-Out-by-Cameron-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/4731736730734739/Hold-the-Dark-Markhat-3-by-Frank-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/6737738738733738/Bad-Girls-Gde-to-Open-Road-by-Cameron-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/2731737737731737/Web-of-Deceit-Forgotten-Legacy-3-by-Richard-S-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/1730737730730730735/Being-and-Awesomeness-Get-Rad-Stay-Rad-by-Tiffany-Zlatich-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/1731736730736731733/Watersong-Circle-A-Diary-of-Flowers-by-Tuttle-Publishing.pdfIn PDF document text
- http://cefasfese.4pu.com/4733732731734737/The-Adventures-of-Ed-Tuttle-Associate-Justice-and-Other-Stories-by-Jay-Wexler.pdfIn PDF document text
- http://cefasfese.4pu.com/2734736731733734/The-Sockdolager-Fall-2015-Issue-03-by-Paul-Tuttle-Starr.pdfIn PDF document text
- http://cefasfese.4pu.com/1730732730733735731/ROE-amp-ARROW-The-Legend-of-Fireside-Hunt-Club-by-Trent-Tuttle.pdfIn PDF document text
- http://cefasfese.4pu.com/7735739732730736/Gabriel-Loire-les-vitraux-quot-La-lumi-re-semble-venir-de-l-int-rieur-quot-Gabriel-Loire-stained-glass-quot-The-light-seems-to-come-from-within-quot-by-Charles-W-Pratt.pdfIn PDF document text
- http://cefasfese.4pu.com/7733736734730738/The-Selected-Works-of-Gabriel-Deville-by-Gabriel-Deville.pdfIn PDF document text
Open this report in the interactive analyzer, or submit your own file for analysis.