Malicious PDF — malware analysis report

Static analysis result for SHA-256 8ce85d191d233a49…

MALICIOUS

PDF

Size: 16.3 KB
Created: 2019-04-30 02:53:47 +01:00
Authoring application: mPDF 5.7
MD5: cf0e45cd69d876c1f3c95576114b2167
SHA-1: 9cb7697c6f8a28a1b6aaee0901d348642cec4f7c
SHA-256: 8ce85d191d233a49a7452f9d10472b93175e955cdf282972db8082459e865ade
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified as a link farm. While the URLs themselves are marked as benign, the sheer volume and the heuristic 'PDF_SEO_LINK_FARM' indicate a likely attempt to manipulate search engine results or distribute potentially harmful content through these links. The ML classifier also flagged the PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9898

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical; PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info; EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.