Malicious PDF — malware analysis report

Static analysis result for SHA-256 84efdb9179aaa4e4…

MALICIOUS

PDF

Size: 17.0 KB
Created: 2019-04-30 11:19:35 +01:00
Authoring application: mPDF 5.7
MD5: a24c700f164e8e385bb579b12e9960d2
SHA-1: b430d9c467b5118bea456a270db65c41f0e73613
SHA-256: 84efdb9179aaa4e4a2d4abb48ef13997f1dd421a62149913816f061cb3efe67a
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. While most of these links point to benign-looking book titles, the sheer volume and the ML_NYX_PDF_MALICIOUS classification suggest malicious intent, likely to manipulate search engine results or distribute malware. No scripts were extracted from this sample, and the document body was unreadable.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.