Malicious PDF — malware analysis report

Static analysis result for SHA-256 286b71026edf8d1d…

MALICIOUS

PDF

13.3 KB
Created: 2019-05-03 15:06:13 +01:00
Authoring application: mPDF 5.7
MD5: 65a317eb001317b68030774e71a0d9d8
SHA-1: 1680f54518a444c4568e674334214eef337136fd
SHA-256: 286b71026edf8d1d87c1f977faa71dd458c08aae0b497d136ec20672bb597a6f
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded URLs, identified as a link farm. While the URLs themselves are currently marked as benign, the sheer volume and the link-farm heuristic firing suggest malicious intent, possibly SEO manipulation or redirecting users to malicious content. No scripts were extracted from this sample, which limits further analysis of its behavior.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.