Malicious PDF — malware analysis report

Static analysis result for SHA-256 8d758b0ccffb8597…

MALICIOUS

PDF

Size: 13.6 KB
Created: 2019-05-01 18:44:02 +01:00
Authoring application: mPDF 5.7
MD5: a2376225b8dadd210b76876bdc573321
SHA-1: 46541d7c302ff026fa5260d0519b8488b6e248e4
SHA-256: 8d758b0ccffb8597236f568c76bd44807588af29d0fcd2c14b3f0772036ead8b
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, which is indicative of a link farm or phishing attempt. The ML classifier also flagged the document as malicious. While the URLs themselves are currently marked as benign, the sheer volume of links and the nature of the heuristic suggest malicious intent to direct users to potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9102

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc