Malicious PDF — malware analysis report

Static analysis result for SHA-256 480fc0d1fe1b2b03…

MALICIOUS

PDF

Size: 14.3 KB
Created: 2019-04-30 02:41:04 +01:00
Authoring application: mPDF 5.7
MD5: 78d76b0c362655f381b46836637aa6c6
SHA-1: 52c13ce3ff8e3b79a3c4940d8c69702cf6030d16
SHA-256: 480fc0d1fe1b2b03f89b14f3b9a02a5975cada72e07e46a719e6438ccb7fd180
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file triggered the 'PDF_SEO_LINK_FARM' heuristic, which indicates a large number of embedded external links. The document body confirms the presence of numerous URLs, all pointing to the same domain, 'loaminoo.linkpc.net', with numeric slugs and book titles. This suggests a likely attempt to lure users to potentially malicious or phishing websites by disguising the links as legitimate documents.

Heuristics (2)

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.