PDF malware analysis — malicious · 67e8b3fe69a956ac

MALICIOUS

PDF

13.6 KB Created: 2019-05-02 18:38:54 +01:00 Authoring application: mPDF 5.7

MD5: 4e98bc079b40e85273b32a1d7cd27e71 SHA-1: 3186faf92452a52e17a62e4b112090f9e5662f37 SHA-256: 67e8b3fe69a956acdf02df85ce1388a32466e19701d4491711844506c9d57beb

92 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files hosted on a dynamic DNS domain. This pattern is indicative of SEO poisoning or a link farm designed to drive traffic to potentially malicious or low-quality content. The ML classifier also flagged this document as malicious.

Machine Learning

Nyx PDF Classifier malicious score 0.9891

Heuristics 2

Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM

Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
URL http://loaminoo.linkpc.net/1091096095091093094/Salt-Salt-1-by-Danielle-Ellison.pdf
- http://loaminoo.linkpc.net/6092096094090/The-Witch-of-Salt-and-Storm-Salt-amp-Storm-1-by-Kendall-Kulper.pdf
- http://loaminoo.linkpc.net/7093092095092099/Last-Summer-by-J-W-Bouchard.pdf
- http://loaminoo.linkpc.net/1096099090093096/ASYLUM-by-Claude-Bouchard.pdf
- http://loaminoo.linkpc.net/7093092095095096/See-You-in-Saigon-by-Claude-Bouchard.pdf
- http://loaminoo.linkpc.net/7093092094099091/Enlistment-by-Paul-Bouchard.pdf
- http://loaminoo.linkpc.net/2099096094095095/The-Bouchard-Legacy-by-Ted-Magnuson.pdf
- http://loaminoo.linkpc.net/7093092096099093/Diminutive-Revolutions-by-Daniel-Bouchard.pdf
- http://loaminoo.linkpc.net/7093092095096097/The-Elders-Are-Watching-by-David-Bouchard.pdf
- http://loaminoo.linkpc.net/3098096094091098/The-Shattered-Door-by-Lisa-Bouchard.pdf
- http://loaminoo.linkpc.net/5095094090097096/SPARKS---Tales-from-the-Provinces-by-Joseph-Bouchard.pdf
- http://loaminoo.linkpc.net/7093092097090092/The-Drum-Calls-Softly-by-David-Bouchard.pdf
- http://loaminoo.linkpc.net/7093092097090090/Caterpillar-Way-Lessons-in-Leadership-Growth-and-Shareholder-Value-by-Craig-Bouchard.pdf
- http://loaminoo.linkpc.net/9096092097097092/Cent-millions-pour-Al-Qaida-by-Jean-Fran-ois-Bouchard.pdf
- http://loaminoo.linkpc.net/6093099098096090/Sciences-Et-Societes-Autochtones-Partenaires-Pour-L-Avenir-by-Huguette-Bouchard.pdf
- http://loaminoo.linkpc.net/1097097095092091/The-Bathroom-by-RoxAnne-Fox.pdf
- http://loaminoo.linkpc.net/1092091096091/Like-a-Hurricane-by-Roxanne-St-Claire.pdf
- http://loaminoo.linkpc.net/8095090099098095/Roxanne-by-Tanya-Goodwin.pdf
- http://loaminoo.linkpc.net/8095090099097091/Finding-Roxanne-by-Collette-Scott.pdf
- http://loaminoo.linkpc.net/1090091096095098096/Admissions-of-Guilt-by-Roxanne-Winkler.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.