Malicious PDF — malware analysis report

Static analysis result for SHA-256 081d10251a930859…

MALICIOUS

PDF

Size: 15.9 KB
Created: 2019-05-02 01:00:41 +01:00
Authoring application: mPDF 5.7
MD5: f956cbae2b23940732ad460b9e2d21fe
SHA-1: 43d9e4d9ce5169e02f77ee200579b97e861c3bd2
SHA-256: 081d10251a9308594f8761657179b0e4644ca685809549f670695ce50683e3c3
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified as a link farm, suggesting a phishing or content-luring attempt. The ML classifier also flagged this PDF as malicious with high confidence. While no scripts were extracted, the presence of numerous external links points towards a potential spearphishing attachment tactic.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9892

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.