Malicious PDF — malware analysis report

Static analysis result for SHA-256 25b3918711c5409b…

MALICIOUS

PDF

Size: 15.4 KB
Created: 2019-04-30 17:58:34 +01:00
Authoring application: mPDF 5.7
MD5: c106e968c518cb0ef001d4a9ba350393
SHA-1: 9869943bab60a08a53dfb95b64c61f0a74c77811
SHA-256: 25b3918711c5409be3113b7099d392da74e890f134280b516561adfea086c2f7
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, forming a link farm. The ML classifier also flagged this PDF as malicious. The primary attack pattern involves directing users to a collection of documents hosted on loaminoo.linkpc.net, likely as a lure or to distribute further malicious content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9880

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.