Malicious PDF — malware analysis report

Static analysis result for SHA-256 575e37500de783ae…

MALICIOUS

PDF

File size: 14.3 KB
Created: 2019-04-30 04:36:36 +01:00
Authoring application: mPDF 5.7
MD5: c75cef2c1686d5673405ae9fdc7c2635
SHA-1: 95e991978ad7e05a2858d7778b3daea5183f7bc2
SHA-256: 575e37500de783ae5289265182bad1f015e2b7e1cf6a37eca00cfe96a30e3b3e
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic, suggesting a link farm or distribution mechanism. While the specific URLs are marked as benign, their sheer volume and structure indicate malicious intent, likely to drive traffic or distribute further payloads. The ML classifier also strongly flagged this PDF as malicious. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.