Malicious PDF — malware analysis report

Static analysis result for SHA-256 15c228533b3e5773…

MALICIOUS

PDF

17.6 KB Created: 2019-04-30 06:00:02 +01:00 Authoring application: mPDF 5.7 First seen: 2021-04-01
MD5: cc38fc463d0de911491cad229fc2ef8b SHA-1: 75d1e2d82e2074529c20e947d89c24ffd2da96f4 SHA-256: 15c228533b3e5773ed94feb0acc3490be3a4b50104ae27edc67bac3cad36cdcf
92 Risk Score

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/5099095093099096/The-Plays-of-Maurice-Maeterlinck-Alladine-and-Palomides-Pelleas-and-Melisande-Home-and-the-Death-of-Tintagiles-by-Maurice-Maeterlinck.pdf In PDF document text
    • http://loaminoo.linkpc.net/5099095094090092/P-ll-as-and-M-lisande-Alladine-and-Palomides-Home-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/5099095095090098/Woyzeck-Pelleas-and-Melisande-Ubu-Roi-Three-Translations-from-the-Cutting-Ball-Theater-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095099092092/The-Plays-of-Maurice-Maeterlinck-by-Maurice-1862-1949-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096097094/The-Intruder-the-Blind-the-Seven-Princesses-the-Death-of-Tintagiles-1920-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096097092/Three-Pre-Surrealist-Plays-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/8091094096092099/Maurice-Maeterlinck-Anthology-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096093093/Death-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095099097092/The-Life-of-the-Ant-by-Maurice-Maeterlinck-by-Maurice-Materlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/5099095094095094/Maeterlinck-Pell-as-et-Melisande-with-Les-Aveugles-L-Intruse-Int-rieur-by-Leighton-Hodson.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096092098/The-Life-of-the-Bee-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096098094/Hothouses-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095099091094/Joyzelle-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096093098/Maurice-Maeterlinck-by-Edward-Thomas.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095096093099/The-Life-of-the-White-Ant-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095099097096/Before-The-Great-Silence-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095097096093/Maurice-Maeterlinck-Mystic-and-Dramatist-by-Patrick-F-Mahony.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095099097091/Life-and-Writings-of-Maurice-Maeterlinck-by-Jethro-Bithell.pdfIn PDF document text
    • http://loaminoo.linkpc.net/6095095099097097/The-Betrothal-A-Sequel-to-the-Blue-Bird-by-Maurice-Maeterlinck.pdfIn PDF document text
    • http://loaminoo.linkpc.net/5092096097095099/Chef-Maurice-and-the-Wrath-of-Grapes-Chef-Maurice-Mysteries-2-by-J-A-Lang.pdfIn PDF document text