Malicious PDF — malware analysis report

Static analysis result for SHA-256 697d8f37c06de4f0…

MALICIOUS

PDF

Size: 12.6 KB
Created: 2019-05-02 06:46:40 +01:00
Authoring application: mPDF 5.7
MD5: 29803d11a610221130b942bff3097bec
SHA-1: 401557cd606b484c05990f9e9d74ec9ef9326ea0
SHA-256: 697d8f37c06de4f0294edd927b2c6991f6cb980072816e83764aa5deb27880c5
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, forming a link farm that masquerades as book downloads. This heuristic, combined with the ML classifier, indicates malicious intent to redirect users to external content. The primary attack pattern observed is the use of a PDF document as a lure to encourage users to click on links, likely for phishing or malware distribution.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.