Malicious PDF — malware analysis report

Static analysis result for SHA-256 3ee080ec420a45cd…

MALICIOUS

PDF

Size: 15.1 KB
Created: 2019-05-01 17:26:24 +01:00
Authoring application: mPDF 5.7
MD5: 79b516714c6da2ca8f169a5f2f958ca5
SHA-1: f82932f4134a6dd76ef5a980709c055beb363bf1
SHA-256: 3ee080ec420a45cd8a0f222b7dfc2e895a7c1f06fc61c4882600dedde9fc7978
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links pointing to external PDF documents hosted on the domain 'loaminoo.linkpc.net'. This is indicative of a link farm or a content-luring scheme, likely intended to drive traffic to potentially malicious or unwanted content. The heuristic 'PDF_SEO_LINK_FARM' strongly supports this assessment. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (critical; PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info; EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.