Malicious PDF — malware analysis report

Static analysis result for SHA-256 3353dd9735c6bd82…

MALICIOUS

PDF

14.7 KB
Created: 2019-05-07 03:23:07 +01:00
Authoring application: mPDF 5.7
MD5: 2928d22a2a5198436b5d0dc3aa0bd788
SHA-1: 1915470f79823c47bb016bbda7ebf4b29a3f364a
SHA-256: 3353dd9735c6bd825ad5c83dbd07ad59bf693a811fc52655fda9fb5c9d27cc63
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. While the URLs themselves are currently marked as benign, their sheer volume and structure suggest malicious intent, likely SEO manipulation or distribution of further malware. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.