Malicious PDF — malware analysis report

Static analysis result for SHA-256 25ba507106730702…

MALICIOUS

PDF

16.1 KB Created: 2019-04-30 06:28:12 +01:00 Authoring application: mPDF 5.7
MD5: 9f1c01c7b7de9761a0e8e29d338a4037 SHA-1: e6bdbc63dd150468d0954ea0a8886b029b0ee50f SHA-256: 25ba507106730702e5a779d2a738b9a64e31d0f481458235da6cf2a61cd20c43
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Phishing:Spearphishing Attachment T1204.002 Malicious File:Malicious Link

The PDF file was flagged by a machine learning classifier as malicious and contains a large number of external links, many of which point to PDF files on the 'loaminoo.linkpc.net' domain. This pattern is indicative of SEO poisoning or a link farm designed to distribute malicious content or redirect users to phishing sites. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9898

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/4096094093094092/Killing-Mr-Watson-by-Peter-Matthiessen.pdf
    • http://loaminoo.linkpc.net/1092094092099090/Saved-by-a-Tweet-by-Peter-Watson-Jenkins.pdf
    • http://loaminoo.linkpc.net/1091099097092098097/The-Age-of-Atheists-How-We-Have-Sought-to-Live-Since-the-Death-of-God-by-Peter-Watson.pdf
    • http://loaminoo.linkpc.net/4094099099091097/Spirit-World-Wisdom-by-Peter-Watson-Jenkins.pdf
    • http://loaminoo.linkpc.net/2093098098090099/The-German-Genius-Europe-s-Third-Renaissance-the-Second-Scientific-Revolution-and-the-Twentieth-Century-by-Peter-Watson.pdf
    • http://loaminoo.linkpc.net/1096098091099096/A-Terrible-Beauty-The-People-and-Ideas-That-Shaped-the-Modern-Mind-A-History-by-Peter-Watson.pdf
    • http://loaminoo.linkpc.net/1092095091096090/Aria-Da-Capo-by-Edna-St-Vincent-Millay.pdf
    • http://loaminoo.linkpc.net/5091099095092091/How-to-Leave-Hialeah-by-Jennine-Capo-Crucet.pdf
    • http://loaminoo.linkpc.net/9099095094096090/Death-of-the-Capo-De-Tutti-Capi-by-Millie-Aveyard.pdf
    • http://loaminoo.linkpc.net/1095094091/Make-Your-Home-Among-Strangers-by-Jennine-Capo-Crucet.pdf
    • http://loaminoo.linkpc.net/7097099099093091/Capo-A-Mafia-Romance-Made-Man-2-by-Liliana-Rhodes.pdf
    • http://loaminoo.linkpc.net/3096098093090096/Mercy-Watson-Fights-Crime-Mercy-Watson-3-by-Kate-DiCamillo.pdf
    • http://loaminoo.linkpc.net/1099097090091091/Mercy-Watson-to-the-Rescue-Mercy-Watson-1-by-Kate-DiCamillo.pdf
    • http://loaminoo.linkpc.net/4093091095096096/Peter-Enchantment-and-Stardust-The-Poems-Peter-A-Darkened-Fairytale-2-by-William-O-39-Brien.pdf
    • http://loaminoo.linkpc.net/9091093093091091/Second-Life-by-S-J-Watson.pdf
    • http://loaminoo.linkpc.net/3092093096097097/Oracle-by-Ian-Watson.pdf
    • http://loaminoo.linkpc.net/1099098098099095/1-2-3-4-by-Allan-Watson.pdf
    • http://loaminoo.linkpc.net/2092099/Second-Life-by-S-J-Watson.pdf
    • http://loaminoo.linkpc.net/1090099099090094098/The-Opernball-by-Will-W-Watson.pdf
    • http://loaminoo.linkpc.net/4090093096092093/Second-Life-by-S-J-Watson.pdf
    • http://loaminoo.linkpc.net/1095094091/Make-Your-Hom

Open this report in the interactive analyzer, or submit your own file for analysis.