Malicious PDF — malware analysis report

Static analysis result for SHA-256 0872cf989eeb2df4…

MALICIOUS

PDF

13.7 KB
Created: 2019-04-29 23:04:41 +01:00
Authoring application: mPDF 5.7
MD5: a8309a4cde149904c28a88344032eacd
SHA-1: e8917d493990a14c6a240bcda5ba95f1db7ad60c
SHA-256: 0872cf989eeb2df4d60a0f0915b8fdd1106995cbf15a1f51f391ba10cd4b9c82
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links, identified as a link farm. These links point to various PDF files hosted on the same domain, suggesting a tactic to manipulate search engine results or distribute content. While the specific intent of the linked PDFs is unclear, the sheer volume and nature of the links indicate malicious or at least highly suspicious activity.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.