Malicious PDF — malware analysis report

Static analysis result for SHA-256 8478d448efbf9816…

MALICIOUS

PDF

17.2 KB Created: 2019-05-02 17:55:18 +01:00 Authoring application: mPDF 5.7 First seen: 2021-06-04
MD5: 332803a7396255fc099871b5011c0a21 SHA-1: ea48b4bbf33963acb16622b3c6472675e8b9a53f SHA-256: 8478d448efbf9816f3b5d3153a98f6bc46fa3c6b5aabad61419d558c8fc9b983
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, which suggests a malicious intent to manipulate search engine results or distribute malware. While the specific URLs are marked as benign, the sheer volume and the ML classifier's high confidence indicate a malicious document. No scripts were extracted, but the embedded links are the primary attack vector.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/4092092091093094/Lucy-in-Her-Secret-Wood-by-Christina-M-Pag-s.pdf In PDF document text
    • http://loaminoo.linkpc.net/4092091097097094/The-Secret-of-Nightingale-Wood-by-Lucy-Strange.pdfIn PDF document text
    • http://loaminoo.linkpc.net/1091093090096093/Diving-Belles-by-Lucy-Wood.pdfIn PDF document text
    • http://loaminoo.linkpc.net/3098091096090098/The-Secret-of-Happy-Ever-After-by-Lucy-Dillon.pdfIn PDF document text
    • http://loaminoo.linkpc.net/8093094098097091/Poussin-s-Secret-by-David-Wood.pdfIn PDF document text
    • http://loaminoo.linkpc.net/2095093099099096/FREE-WOOD-III-THE-CRATE-BOOK-Upcycling-pallet-wood-into-sturdy-wood-crates-with-precision-and-repeatability-by-T-G-Forge.pdfIn PDF document text
    • http://loaminoo.linkpc.net/2090092095093/Rico-s-Secret-Child-by-Lucy-Gordon.pdfIn PDF document text
    • http://loaminoo.linkpc.net/1099095093098093/My-Secret-Rockstar-Boyfriend-by-Eleanor-Wood.pdfIn PDF document text
    • http://loaminoo.linkpc.net/3092092093092090/The-Secret-of-Pooks-Wood-by-Helen-Laycock.pdfIn PDF document text
    • http://loaminoo.linkpc.net/4090095099098094/The-Raven-The-Secret-Chronicles-of-Lost-Magic-1-by-Aderyn-Wood.pdfIn PDF document text
    • http://loaminoo.linkpc.net/4092097095090095/The-Secret-of-Castle-Cant-Being-an-Account-of-the-Remarkable-Adventures-of-Lucy-Wickwright-Maidservant-and-Spy-by-K-P-Bath.pdfIn PDF document text
    • http://loaminoo.linkpc.net/3094090097099092/Beautiful-Secret-Beautiful-Bastard-4-by-Christina-Lauren.pdfIn PDF document text
    • http://loaminoo.linkpc.net/2094094094099099/Catching-Lucy-Lucy-amp-Harris-1-by-Terri-Anne-Browning.pdfIn PDF document text
    • http://loaminoo.linkpc.net/5096097095095098/Forever-Lucy-Lucy-amp-Harris-5-by-Terri-Anne-Browning.pdfIn PDF document text
    • http://loaminoo.linkpc.net/3095090097097097/Handbook-of-Wood-Chemistry-and-Wood-Composites-by-Roger-M-Rowell.pdfIn PDF document text
    • http://loaminoo.linkpc.net/3091091099095093/Merlin-s-Wood-Mythago-Wood-5-by-Robert-Holdstock.pdfIn PDF document text
    • http://loaminoo.linkpc.net/1096095093096095/Natalie-Wood-a-memoir-by-her-sister-by-Lana-Wood.pdfIn PDF document text
    • http://loaminoo.linkpc.net/1091097090093096096/Using-The-Sissy-Next-Door-Christina-s-feminization-part-2-Sissy-Christina-Book-3-by-Melinda-Streng.pdfIn PDF document text
    • http://loaminoo.linkpc.net/2092096098098/Beyond-the-Wood-Beyond-the-Wood-1-by-Michael-J-Roueche.pdfIn PDF document text
    • http://loaminoo.linkpc.net/1096096095092093/Aster-Wood-and-the-Lost-Maps-of-Almara-Aster-Wood-1-by-J-B-Cantwell.pdfIn PDF document text