Malicious PDF — malware analysis report

Static analysis result for SHA-256 62659a3f99e275d3…

MALICIOUS

PDF

Size: 17.3 KB
Created: 2019-05-02 00:59:31 +01:00
Authoring application: mPDF 5.7
MD5: 8d19fe70d728b781167b4f9f0ea4c313
SHA-1: a1e0715d0765ac4d63fd69e97925aebdb6f26e67
SHA-256: 62659a3f99e275d3b21ef524c5141f4df7c6079226bdc5a46f0fd6d56da4f48c
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. While many of these URLs are marked as confirmed_benign, the sheer volume and the nature of the heuristic suggest a potential attempt to manipulate search engine results or to host malicious content disguised as legitimate documents. The ML_NYX_PDF_MALICIOUS classifier also flagged the document with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical; PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info; EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.