Malicious PDF — malware analysis report

Static analysis result for SHA-256 84e30190e91f78f2…

MALICIOUS

PDF

Size: 12.6 KB
Created: 2019-05-02 05:05:09 +01:00
Authoring application: mPDF 5.7
MD5: dcf47a03e3efd0226544908f2d9ea273
SHA-1: c609dd7945c384fdba0b35f8598d571f642ab1ea
SHA-256: 84e30190e91f78f2413ca458a675316c0a67859a182b2ec7093ddf24afe16686
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links, identified as a link farm, a common tactic for SEO manipulation or for distributing malicious payloads. Although the specific URLs are currently marked as benign, the sheer volume of links and the firing of the link-farm heuristic indicate malicious intent. The ML classifier also flagged this PDF as malicious. No scripts were extracted; the embedded links are the primary indicators of compromise.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.