Malicious PDF — malware analysis report

Static analysis result for SHA-256 798a7b972d41991b…

MALICIOUS

PDF

Size: 14.3 KB
Created: 2019-04-30 02:30:54 +01:00
Authoring application: mPDF 5.7
MD5: 6a94ac985f69f5150ae77ed83298e33d
SHA-1: 3aab6c59a50aa54ba263e30a06762de5c23627ca
SHA-256: 798a7b972d41991bbd304c8ff1b1db11066afbc58c17faabac40c810c3a9532a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.001 PowerShell

The PDF file contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. These URLs point to external PDF files hosted on loaminoo.linkpc.net. While the URLs themselves are marked as benign, the sheer volume and structure suggest a malicious intent, possibly for SEO manipulation or to distribute further malicious content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.