Malicious PDF — malware analysis report

Static analysis result for SHA-256 7c2a94b212ff40ae…

MALICIOUS

PDF

12.8 KB Created: 2019-05-01 19:23:08 +01:00 Authoring application: mPDF 5.7
MD5: 019f102916a8600c440f7311fdaa37ee SHA-1: b9dada44f457f93fde7a011b6caa5c34a8b03230 SHA-256: 7c2a94b212ff40ae04d290ee3e7566191add6b710009a4dd27f27b03dc03d7e9
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF contains a large number of embedded URLs pointing to external PDF files, characteristic of a link farm. The ML classifier also flagged this PDF as malicious. The primary attack pattern involves directing users to a collection of potentially malicious or unwanted content via these links.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8905

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/1098099094099090/Sid-The-Protectors-4-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/1098099093096090/Jax-The-Protectors-8-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/1093092093091094/Adam-The-Protectors-5-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/1091096099095094/Duncan-The-Protectors-3-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/3091090099094097/Blind-Faith-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/1098099094096098/A-Warrior-Wedding-The-Protectors-7-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/1098099090097090/Invisible-Warrior-The-Protectors-11-by-Teresa-Gabelman.pdf
    • http://loaminoo.linkpc.net/2096095098094090/Sanctuary-Sanctuary-Series-1-by-Jess-Anastasi.pdf
    • http://loaminoo.linkpc.net/1090095092098092093/The-Journal-Of-Sanctuary-One-Sanctuary-6-by-R-J-Scott.pdf
    • http://loaminoo.linkpc.net/1090097098096096/The-Last-Sanctuary-The-Last-Sanctuary-1-by-P-S-Mokha.pdf
    • http://loaminoo.linkpc.net/2090094090098/Sanctuary-Island-Sanctuary-Island-1-by-Lily-Everett.pdf
    • http://loaminoo.linkpc.net/2091090096091099/The-Life-of-Saint-Teresa-of-vila-by-Herself-by-Teresa-of-vila.pdf
    • http://loaminoo.linkpc.net/6090091091095/The-Sanctuary-by-Ted-Dekker.pdf
    • http://loaminoo.linkpc.net/3093098093090099/Sanctuary-Vol-1-by-Sho-Fumimura.pdf
    • http://loaminoo.linkpc.net/1095094099098096/Sanctuary-by-Pauline-Creeden.pdf
    • http://loaminoo.linkpc.net/3094094098092094/Sanctuary-with-the-Cowboy-by-M-J-Fredrick.pdf
    • http://loaminoo.linkpc.net/4097098096097092/Beyond-Sanctuary-by-Janet-E-Morris.pdf
    • http://loaminoo.linkpc.net/1099092095098094/By-the-Numbers-Sanctuary-10-by-R-J-Scott.pdf
    • http://loaminoo.linkpc.net/1094098093093094/Sanctuary-by-Nora-Roberts.pdf
    • http://loaminoo.linkpc.net/5097095095090091/Sanctuary-by-Edith-Wharton.pdf
    • http://loaminoo.linkpc.net/6090091091095/The-Sanctuary-by

Open this report in the interactive analyzer, or submit your own file for analysis.