Malicious PDF — malware analysis report

Static analysis result for SHA-256 8172a235a7d9b782…

MALICIOUS

PDF

Size: 26.6 KB
Created: 2019-04-29 22:59:21 +01:00
Authoring application: mPDF 5.7
MD5: ce8496a7a1bfb34e9eb44907232a3ee4
SHA-1: 3638e5ca085833d76a7676deb857c3ed6adb8080
SHA-256: 8172a235a7d9b782af83746d0105fa4be1e1c48cd030052315ee976d082ef23c
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO manipulation or to distribute malicious content. The ML classifier strongly flagged this PDF as malicious. While the document body is unreadable, the heuristic 'PDF_SEO_LINK_FARM' indicates the primary malicious function is to redirect users to a large number of URLs hosted on the 'loaminoo.linkpc.net' domain.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9912

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.