Malicious PDF — malware analysis report

Static analysis result for SHA-256 09175a0b3dee345f…

MALICIOUS

PDF

14.3 KB
Created: 2019-05-07 03:19:47 +01:00
Authoring application: mPDF 5.7
MD5: 4d433a7e840cc23a58fcee1f71e3a787
SHA-1: 57ed499fb718155a5b9ec3f894bc55f3b4e88619
SHA-256: 09175a0b3dee345fe0d76e3fc16a6d3fc3d1a0c4bcb397f2acd8b3cf276ee9db
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, forming a link farm. These URLs are designed to direct users to external PDF documents, likely as a method of distributing malicious content or for SEO manipulation. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.