Malicious PDF — malware analysis report

Static analysis result for SHA-256 13b64423b5fe32a2…

MALICIOUS

PDF

Size: 15.0 KB
Created: 2019-04-30 04:06:45 +01:00
Authoring application: mPDF 5.7
MD5: aa943669952839103e434c513dd3a738
SHA-1: cfc7b72c575404ea90a306668d1a14f67db3d1ea
SHA-256: 13b64423b5fe32a29a830ed858dfa6c74c7acd1355c342b8e4ccfac2dbd4d058
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links, identified as a link farm by the PDF_SEO_LINK_FARM heuristic. While no scripts were explicitly extracted, the presence of embedded URLs within a PDF document suggests potential for malicious redirection. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.