Malicious PDF — malware analysis report

Static analysis result for SHA-256 474a0753d45e9184…

MALICIOUS

PDF

File size: 16.1 KB
Created: 2019-05-02 17:51:47 +01:00
Authoring application: mPDF 5.7
MD5: 6afca741e07c7115e8be2c24e1361945
SHA-1: 59b8e14ba57fd4875d2b8f49bb8f4290b098eb01
SHA-256: 474a0753d45e9184db67b062ac8bc6f0ad921ae785624de2b7fce3eb37dc960f
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. These URLs point to various book titles hosted on the loaminoo.linkpc.net domain. While the URLs themselves are currently marked as benign, their sheer volume and structure suggest a potential attempt at SEO manipulation or use as a distribution vector for further malicious content. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; heuristic: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; heuristic: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.