Malicious PDF — malware analysis report

Static analysis result for SHA-256 332b264c43221f0e…

MALICIOUS

PDF

14.0 KB
Created: 2019-05-01 18:05:14 +01:00
Authoring application: mPDF 5.7
MD5: eced6a3a8447fbed848ed274652bad47
SHA-1: a17ecc8ab4f28562607f55c249d7d9747b4119e6
SHA-256: 332b264c43221f0e0c8bf5146bb18d52e598c101cfcaba7acf979421b4194691
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded URLs, flagged by the PDF_SEO_LINK_FARM heuristic. Most of these URLs appear to point to benign book titles, but their sheer volume and the nature of the heuristic suggest malicious intent, possibly SEO manipulation or use as a landing page for further malicious activity. The ML classifier also strongly indicated maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.