Malicious PDF — malware analysis report

Static analysis result for SHA-256 8604101f9e07db6f…

MALICIOUS

PDF

Size: 13.7 KB
Created: 2019-04-30 05:41:01 +01:00
Authoring application: mPDF 5.7
MD5: ff8f780c8de5738c277029c5ad035faf
SHA-1: c1b49c263ca95991eb1d5398f997aae7b2895fc2
SHA-256: 8604101f9e07db6f2051fe77b45e0376fd49ec3788169ff646e9afb7031ab5f7
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF document contains a large number of embedded links to external PDF files, many of which are hosted on the dynamic DNS domain loaminoo.linkpc.net. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this document as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.