Malicious PDF — malware analysis report

Static analysis result for SHA-256 8f42786a6fe936c9…

MALICIOUS

PDF

15.7 KB
Created: 2019-05-01 18:32:02 +01:00
Authoring application: mPDF 5.7
MD5: 761ee9d064fba87d770ad44b16d5e0f9
SHA-1: 2f9f84894714ed6f17f250fe2e7d9c9d4c986baf
SHA-256: 8f42786a6fe936c9c09bc26d6162ac936323b754c02191b7e2afcd32e9ccec9f
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1059.001 PowerShell

The PDF file contains a large number of embedded URLs, identified as a link farm. While the URLs themselves are marked as benign, their sheer volume and structure suggest malicious intent, possibly SEO manipulation or a lure for further malicious activity. No scripts were extracted, and the document body was heavily obfuscated, which limited further analysis of the specific payload.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.