Malicious PDF — malware analysis report

Static analysis result for SHA-256 84e0079af5e465aa…

MALICIOUS

PDF

12.4 KB Created: 2019-04-30 02:55:54 +01:00 Authoring application: mPDF 5.7
MD5: 4727691fd48fb998bb44ac40d30ef72c SHA-1: 7bddcafa145dace09684b9d641b2eda93d0f322a SHA-256: 84e0079af5e465aae7b71051a1e2683e1fae6bf662c44d53c99b20abcdaf7380
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified as a link farm. While the URLs themselves are currently classified as benign, the sheer volume and the heuristic firing of PDF_SEO_LINK_FARM suggest a malicious intent, possibly for SEO manipulation or to redirect users to malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/7099097090095092/Four-Josie-D-Josie-DuPuy-Book-2-by-H-Berkeley-Rourke.pdf
    • http://loaminoo.linkpc.net/1090097099093095097/Josie-by-Kate-Petty.pdf
    • http://loaminoo.linkpc.net/5091099099094/New-Numbers-by-Josie-Kearns.pdf
    • http://loaminoo.linkpc.net/4098094099090094/The-Boy-Next-Door-by-Josie-Lloyd.pdf
    • http://loaminoo.linkpc.net/2091091093099097/Love-but-Never-Never-1-by-Josie-Leigh.pdf
    • http://loaminoo.linkpc.net/4098090091090096/Is-That-Josie-by-Keiko-Narahashi.pdf
    • http://loaminoo.linkpc.net/8097098097099095/My-World-by-Josie-Firmin.pdf
    • http://loaminoo.linkpc.net/8097098097091093/The-Cats-Abc-by-Josie-Firmin.pdf
    • http://loaminoo.linkpc.net/8099098096/One-Day-in-December-by-Josie-Silver.pdf
    • http://loaminoo.linkpc.net/2099099096099095/Brought-Forth-by-Josie-Finch.pdf
    • http://loaminoo.linkpc.net/9097097094096094/Josie-Smith-by-Magdalen-Nabb.pdf
    • http://loaminoo.linkpc.net/2090090091098097/Band-Geeked-Out-by-Josie-Bloss.pdf
    • http://loaminoo.linkpc.net/3099090097091092/The-Wife-The-Professor-4-by-Josie-Leigh.pdf
    • http://loaminoo.linkpc.net/1090097099091094096/Jackie-by-Josie-by-Caroline-Preston.pdf
    • http://loaminoo.linkpc.net/1090098097097099093/Jeanette-and-Josie-by-Claude-Lager.pdf
    • http://loaminoo.linkpc.net/3095098097092098/Awakened-Anew-1-by-Josie-Litton.pdf
    • http://loaminoo.linkpc.net/2092091099091098/Faking-Faith-by-Josie-Bloss.pdf
    • http://loaminoo.linkpc.net/1090097099092093098/Awakened-Anew-1-by-Josie-Litton.pdf
    • http://loaminoo.linkpc.net/8099094091097/Josie-and-Jack-by-Kelly-Braffet.pdf
    • http://loaminoo.linkpc.net/1091096098093091091/Daughters-of-Icarus-by-Josie-E-Brown.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.