Malicious PDF — malware analysis report

Static analysis result for SHA-256 7869da1eb1a7a3a5…

MALICIOUS

PDF

Size: 15.5 KB
Created: 2019-05-02 19:52:45 +01:00
Authoring application: mPDF 5.7
MD5: 3cc305578b76d6eebba0f72377ac5c5e
SHA-1: ccede074b526dfbcebc9c46209ea68cf12f98d51
SHA-256: 7869da1eb1a7a3a5251e9d17c232d8a94e5718901dadffbd035b925cccc807f2
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded URLs pointing to external PDF documents, a technique often used for SEO manipulation or to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass external PDF link farm, with the dominant host being 'loaminoo.linkpc.net'. While the document body is heavily obfuscated, the presence of these links suggests a deceptive or manipulative intent. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.