Malicious PDF — malware analysis report

Static analysis result for SHA-256 69797394ea96c786…

MALICIOUS

PDF

File size: 12.8 KB
Created: 2019-05-02 00:42:40 +01:00
Authoring application: mPDF 5.7
MD5: 62368af0f92c7ffb12b1eb69e3f48bd7
SHA-1: 79e2b8b9ce2d000ec1194f6996993fe10a7cad36
SHA-256: 69797394ea96c78644b10cfb4565b57517feef667822896334a56b1ab579fa95
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files hosted on a dynamic DNS domain. This technique is often used for SEO poisoning or to distribute further malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8905

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.