Malicious PDF — malware analysis report

Static analysis result for SHA-256 88c76e259467ec31…

MALICIOUS

PDF

15.5 KB Created: 2019-04-30 09:53:03 +01:00 Authoring application: mPDF 5.7
MD5: ed1d32c914a441f7d4508f0a12c23cd3 SHA-1: 5cd246cc698519f3bf687a4510699c03b38d4e98 SHA-256: 88c76e259467ec319e4ea17ee1da62b45599e37978185e3f3bf7b27d1d1e9e42
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF document contains a large number of embedded links to external PDF files, hosted on the suspicious domain 'loaminoo.linkpc.net'. This behavior is indicative of a link farm or a lure to download further malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9880

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/1090097092095098/The-Cat-of-Bubastes-A-Tale-of-Ancient-Egypt-by-G-A-Henty.pdf
    • http://loaminoo.linkpc.net/1090095095093094096/The-Cat-of-Bubastes-A-Tale-of-Ancient-Egypt-by-G-A-Henty.pdf
    • http://loaminoo.linkpc.net/7095092095096096/The-Treasures-of-Ancient-Egypt-From-the-Rosetta-Stone-to-the-Tomb-of-Tutankhamun---The-Search-for-the-Riches-of-Ancient-Egypt-by-Jaromir-Malek.pdf
    • http://loaminoo.linkpc.net/5090092096099090/First-Civilizations-Ancient-Mesopotamia-and-Ancient-Egypt-by-Robert-Chadwick.pdf
    • http://loaminoo.linkpc.net/2097098097099099/With-Moore-at-Corunna-A-Tale-of-the-Peninsular-War-by-G-A-Henty.pdf
    • http://loaminoo.linkpc.net/2097098098097096/Maori-and-Settler-A-Tale-of-the-New-Zealand-War-by-G-A-Henty.pdf
    • http://loaminoo.linkpc.net/2097098093099090/Winning-His-Spurs-A-Tale-of-the-Crusades-by-G-A-Henty.pdf
    • http://loaminoo.linkpc.net/2097098098098093/Under-Drake-s-Flag-A-Tale-of-the-Spanish-Main-by-G-A-Henty.pdf
    • http://loaminoo.linkpc.net/3092091095097090/Magic-in-Ancient-Egypt-by-Geraldine-Pinch.pdf
    • http://loaminoo.linkpc.net/5092093090098091/Desert-God-Ancient-Egypt-5-by-Wilbur-Smith.pdf
    • http://loaminoo.linkpc.net/4090095097096090/Ancient-Egypt-Mesopotamia-Persia-by-Koutsoukis.pdf
    • http://loaminoo.linkpc.net/9090093090099094/A-History-of-Ancient-Egypt-by-Nicolas-Grimal.pdf
    • http://loaminoo.linkpc.net/3092090091092092/Gods-of-Ancient-Egypt-by-Barbara-Watterson.pdf
    • http://loaminoo.linkpc.net/9095094099092090/Conceptions-of-God-in-Ancient-Egypt-by-Erik-Hornung.pdf
    • http://loaminoo.linkpc.net/3092099098099/River-God-Ancient-Egypt-1-by-Wilbur-Smith.pdf
    • http://loaminoo.linkpc.net/1091093098096091094/Death-and-Salvation-in-Ancient-Egypt-by-Jan-Assmann.pdf
    • http://loaminoo.linkpc.net/2094098094095090/Warlock-A-Novel-of-Ancient-Egypt-by-Wilbur-Smith.pdf
    • http://loaminoo.linkpc.net/8099093098097/The-Quest-Ancient-Egypt-4-by-Wilbur-Smith.pdf
    • http://loaminoo.linkpc.net/5090092096099094/The-Birds-Of-Ancient-Egypt-by-Patrick-F-Houlihan.pdf
    • http://loaminoo.linkpc.net/5090092099098094/The-Complete-Temples-of-Ancient-Egypt-by-Richard-H-Wilkinson.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.