Malicious PDF — malware analysis report

Static analysis result for SHA-256 602974be71f2d307…

MALICIOUS

PDF

Size: 12.7 KB
Created: 2019-05-07 04:40:34 +01:00
Authoring application: mPDF 5.7
MD5: 6f063ef2a1883652d052dca81ad70d20
SHA-1: 902f283da7dd642385071af25a673e7f46f715b9
SHA-256: 602974be71f2d3076805c3e01715e8fa861fba756af25908e6c8e72d99bcbed6
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDFs hosted on the domain 'loaminoo.linkpc.net'. This heuristic match, combined with the ML classifier score, indicates an intent to direct users to potentially harmful content. No scripts were extracted, and the document body was unreadable, which limits further analysis of the specific lure.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.