Malicious PDF — malware analysis report

Static analysis result for SHA-256 1a0e7ab8e5eb701c…

MALICIOUS

PDF

15.4 KB Created: 2019-05-03 09:12:45 +01:00 Authoring application: mPDF 5.7
MD5: c5f7ad41f526ca202b41c1f92dd67ed6 SHA-1: 73e5b30ead2e113e661cea27e67f470dd8a12a66 SHA-256: 1a0e7ab8e5eb701cb7e4bf312edb1a11992c0baaa1c0192b65131f5e55dd8938
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. While the specific URLs extracted are currently marked as benign, the sheer volume and structure suggest a malicious intent, likely for SEO manipulation or to distribute further malicious content. The ML classifier also flagged this PDF with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9880

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/4094092098098/Dangerous-Boys-by-Abigail-Haas.pdf
    • http://loaminoo.linkpc.net/7094097095096/Dangerous-Girls-Dangerous-Girls-1-by-R-L-Stine.pdf
    • http://loaminoo.linkpc.net/1094095094096097/Armed-amp-Dangerous-Cut-amp-Run-5-by-Abigail-Roux.pdf
    • http://loaminoo.linkpc.net/3098092090094/Armed-amp-Dangerous-Cut-amp-Run-5-by-Abigail-Roux.pdf
    • http://loaminoo.linkpc.net/2090097093091096/The-Taste-of-Night-Dangerous-Girls-2-by-R-L-Stine.pdf
    • http://loaminoo.linkpc.net/6099093099092/The-School-for-Dangerous-Girls-by-Eliot-Schrefer.pdf
    • http://loaminoo.linkpc.net/3097094096095093/Rude-Girls-and-Dangerous-Women-by-Jennifer-Camper.pdf
    • http://loaminoo.linkpc.net/5090095092090098/Dear-Abigail-The-Intimate-Lives-and-Revolutionary-Ideas-of-Abigail-Adams-and-Her-Two-Remarkable-Sisters-by-Diane-Jacobs.pdf
    • http://loaminoo.linkpc.net/4093091094095099/Abigail-Jones-Chronicles-of-Abigail-Jones-1-by-Grace-Callaway.pdf
    • http://loaminoo.linkpc.net/1097090099098090/A-Dangerous-Man-The-Complete-Collection-A-Dangerous-Man-1-4-by-Serena-Grey.pdf
    • http://loaminoo.linkpc.net/4091095093098091/Dangerous-Passion-Dangerous-3-by-Lisa-Marie-Rice.pdf
    • http://loaminoo.linkpc.net/8098091/Dangerous-Deception-Dangerous-Creatures-2-by-Kami-Garcia.pdf
    • http://loaminoo.linkpc.net/4091099091098094/--LOST-GIRLS-1-Shingeki-no-Kyojin-Lost-Girls-1-Attack-on-Titan-Lost-Girls-Manga-1-by-Hajime-Isayama.pdf
    • http://loaminoo.linkpc.net/1093093095092/Chase-by-Jessie-Haas.pdf
    • http://loaminoo.linkpc.net/1093095098098/Unbroken-by-Jessie-Haas.pdf
    • http://loaminoo.linkpc.net/4096097090099091/Runaway-Pony-by-Jessie-Haas.pdf
    • http://loaminoo.linkpc.net/4096096097092090/A-Horse-Like-Barney-by-Jessie-Haas.pdf
    • http://loaminoo.linkpc.net/1093095092094/Runaway-Radish-by-Jessie-Haas.pdf
    • http://loaminoo.linkpc.net/3090099093096092/Scarlet-City-by-Rebekah-Haas.pdf
    • http://loaminoo.linkpc.net/5092095094097/Columbus-Silver-Bear-2-by-Derek-Haas.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.