MALICIOUS
104
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link
The PDF contains a significant number of external links, many of which point to other PDF files. This behavior is indicative of a link farm, often used to manipulate search engine rankings or to distribute malicious content. The primary link identified directs to a URL that appears to be part of this farm.
Machine Learning
- Nyx PDF Classifier clean score 0.0169
Heuristics 4
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
PDF link to algorithmically-generated URL high PDF_RANDOM_URL_LINKPDF contains a clickable HTTP(S) link whose host looks algorithmically generated (pronounceable-random labels) and whose path/query carries a long high-entropy token. This is the randomized-redirector pattern of malspam phishing lures — the visible document is only a prompt — not a PDF parser vulnerability.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://siteslocate.com/ZG93bmxvYWR8aDhHYkhVNGFIeDhNVFkxTmpjM01UZ3hPSHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/cairngorms/chayote.conservational?emagazine=dGhlIGZhdWx0IGluIG91ciBzdGFycyBtb3ZpZSBkb3dubG9hZCBpbiBoaW5kaSAyNwdGh&homeownership.clive
- https://www.sertani.com/upload/files/2022/07/7SC8tgZtU3uxSUUvQiTi_03_35ea5b7e7c170eb902583e3946791303_file.pdf
- https://evolvagenow.com/upload/files/2022/07/VyQZeISkkjR1DecbeGEP_03_3c6f250422d04eb6420ec329e0ad09de_file.pdf
- https://oregondealz.com/wp-content/uploads/2022/07/ant_man_full_movie_free_1080p_backgrounds.pdf
- https://obzorkuhni.ru/judi/lulowin-ng-compatible-con-windows-7-hot/
- https://subsidiosdelgobierno.site/statistica-10-crack-full-free-13/
- https://www.twp.ferguson.pa.us/sites/g/files/vyhlif576/f/styles/news_image_teaser/public/news/pages_from_bos_agenda_packet_05-16-2022_with_links.pdf
- https://www.yflyer.org/advert/castillos-de-carton-dvdripspanish2009/
- http://mysquare.in/?p=37357
- https://bharatiyadoot.com/covid19/72309/
- https://practicalislam.online/wp-content/uploads/2022/07/neurocienciacognitivadiegoredolarripollpdf76.pdf
- https://www.saugus-ma.gov/sites/g/files/vyhlif1181/f/uploads/fy_2018_final_values.pdf
- http://thebluedispatch.com/full-top-fsx-p3d-v3-v4-spai-traffic-pack-v7-ai-traffic-summer-2017/
- https://www.mypolithink.com/advert/footballmanager2019crack-topactivation/
- http://marcyrl.com/sites/default/files/webform/Kochikame-All-Episodes-Hindi.pdf
- https://coolbreezebeverages.com/tkl-online-full-crack-packl-work/
- https://octopi.nl/wp-content/uploads/2022/07/Kitab_Tauhid_Az_Zindani_Pdf_Download_REPACK.pdf
- https://www.reperiohumancapital.com/system/files/webform/ellielde320.pdf
- https://www.gift4kids.org/wp-content/uploads/2022/07/EZ_Grabber__USB_DVD_Maker_Capture_rar_CRACKED.pdf
- https://thedecwizard.com/wp-content/uploads/2022/07/COMPLETEZoneArchiveHentaiKeyFullCollectionzip_REPACK.pdf
- https://ritifercompwonty.wixsite.com/consebota/post/dream-boot-cd-2015-multi-rescue-disk-recovery-tools-update-hot
- http://www.tcpdf.org
- http://www.w3.org/1999/02/22-rdf-syntax-ns#
- http://purl.org/dc/elements/1.1/
- http://ns.adobe.com/xap/1.0/
- http://ns.adobe.com/pdf/1.3/
- http://ns.adobe.com/xap/1.0/mm/
- http://www.aiim.org/pdfa/ns/extension/
- http://www.aiim.org/pdfa/ns/schema#
- http://www.aiim.org/pdfa/ns/property#
- http://www.aiim.org/pdfa/ns/id/
Open this report in the interactive analyzer, or submit your own file for analysis.