Malicious PDF — malware analysis report

Static analysis result for SHA-256 4e1e9711cb389c82…

MALICIOUS

PDF

14.8 KB Created: 2019-05-01 18:36:12 +01:00 Authoring application: mPDF 5.7
MD5: 66092617cba3fc29c290e06c0a1bd8fc SHA-1: cae34760f7f6ddf03a6b4fda62e93682ef219c87 SHA-256: 4e1e9711cb389c82f46e2bb247241b207bed2326e42d17f06e038ca69ba1c2a1
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF contains a large number of embedded URLs that point to a domain hosting numerous book titles. This indicates a likely SEO spam or phishing campaign aimed at driving traffic to the malicious domain. The heuristic 'PDF_SEO_LINK_FARM' strongly supports this assessment, identifying a mass external PDF link farm.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/5093098095093097/The-Cowboy-s-Lady-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/3094097099098098/Nell-s-Cowboy-Heart-of-Texas-5-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/4092090097097098/Heart-of-Texas-Volume-3-Nell-s-Cowboy-amp-Lone-Star-Baby-Heart-of-Texas-5-6-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/2090090093094098/Heart-of-Texas-Vol-1-Lonesome-Cowboy-Texas-Two-Step-Heart-of-Texas-1-2-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/2090097094090/There-s-Something-about-Christmas-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/5092094099/If-Not-for-You-New-Beginnings-3-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/3099095090092092/Heartsong-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/1095098098092090/Thursdays-At-Eight-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/2090090092095095/Montana-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/7091093097/Any-Dream-Will-Do-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/3094094097099097/Montana-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/2090092090095/When-Christmas-Comes-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/4095090095093091/The-Matchmakers-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/5090092095092090/Turn-in-the-Road-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/7095099097094095/Three-Brides-No-Groom-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/1090095095091098090/Debbie-Macomber-A-Biography-by-Aileen-Wen.pdf
    • http://loaminoo.linkpc.net/2098095099090093/The-Inn-at-Rose-Harbor-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/2090092093090095/The-Inn-at-Rose-Harbor-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/2091097090094095/Sugar-and-Spice-by-Debbie-Macomber.pdf
    • http://loaminoo.linkpc.net/1098098090/Dashing-Through-the-Snow-by-Debbie-Macomber.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.