Malicious PDF — malware analysis report

Static analysis result for SHA-256 541d4726a0ebe425…

MALICIOUS

PDF

Size: 15.2 KB
Created: 2019-05-02 03:18:02 +01:00
Authoring application: mPDF 5.7
MD5: 5e99febb78072e19a54f2fdb7a1a4b83
SHA-1: 330d67d722a4f9223dcf35854e458ef17acc8132
SHA-256: 541d4726a0ebe4253ce80f7746af80e4a555bd43696b848e330e62a895fcbf7b
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link

The PDF triggered the link-farm heuristic, which indicates a large number of embedded URLs. The document body confirms this, showing numerous links to external PDF files hosted on loaminoo.linkpc.net. This suggests a social engineering tactic to drive traffic to potentially malicious or unwanted content. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.