Malicious PDF — malware analysis report

Static analysis result for SHA-256 854f8660719ed30e…

MALICIOUS

PDF

Size: 13.8 KB
Created: 2019-05-02 04:39:14 +01:00
Authoring application: mPDF 5.7
MD5: 6ab5022ff80e93b4becbf6fca989fd4d
SHA-1: 10ead9716259194281e8351ab3acbdebe66f353f
SHA-256: 854f8660719ed30e3d566f5cdde94127a07b04d1416ca368d4714b70c2de6d84
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified as a link farm, suggesting a tactic to manipulate search engine results or redirect users to potentially malicious content. While the URLs themselves are currently flagged as benign, the sheer volume and the heuristic firing indicate a suspicious pattern. No scripts were extracted, but the embedded URLs are the primary indicators of malicious intent.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.