Malicious PDF — malware analysis report

Static analysis result for SHA-256 35345e3724f61d2c…

MALICIOUS

PDF

15.6 KB
Created: 2019-05-02 01:25:23 +01:00
Authoring application: mPDF 5.7
MD5: d2dd95b4140db9a0e0f66813ba2dd412
SHA-1: ac71a7bbc3717328ec05b61eaaf52c90b24347df
SHA-256: 35345e3724f61d2c04734286a767ea74a6f4f007fcd935a7d33e4ffb8e562676
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious with high confidence. The embedded URLs, while appearing to link to book titles, are hosted on a single domain, suggesting a link farm or redirection scheme. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9880

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.