Malicious PDF — malware analysis report

Static analysis result for SHA-256 902e032999992ddf…

MALICIOUS

PDF

15.7 KB Created: 2019-05-01 17:20:32 +01:00 Authoring application: mPDF 5.7
MD5: d077fc536960b62257f7b3ed0d4c4710 SHA-1: a7b94927d799e37bc0dddba88e5b65d2e41174e0 SHA-256: 902e032999992ddf169772cea9f431f12b2e24461292cb67ec8bb27f1f8ce8ef
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified as a link farm. While the URLs themselves point to book titles and are currently marked as benign, the sheer volume and SEO-like structure suggest a malicious intent to manipulate search engine rankings or distribute further malicious content. The ML classifier also strongly flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9880

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/2095090099099093/Incognito-The-Secret-Lives-of-the-Brain-by-David-Eagleman.pdf
    • http://loaminoo.linkpc.net/6094098097093/Incognito-The-Secret-Lives-of-the-Brain-by-David-Eagleman.pdf
    • http://loaminoo.linkpc.net/1098096095/The-Brain-The-Story-of-You-by-David-Eagleman.pdf
    • http://loaminoo.linkpc.net/8091092096098090/Incognito-Sinful-Incognito-13-5-by-Madison-Layle.pdf
    • http://loaminoo.linkpc.net/2095096090094097/The-Secret-Life-of-the-Mind-How-Your-Brain-Thinks-Feels-and-Decides-by-Mariano-Sigman.pdf
    • http://loaminoo.linkpc.net/5096097095096099/Secret-Lives-by-Diane-Chamberlain.pdf
    • http://loaminoo.linkpc.net/3096090092090093/Secret-Lives-by-Barbara-Ardinger.pdf
    • http://loaminoo.linkpc.net/2092096094099091/Your-Brain-at-Work-by-David-Rock.pdf
    • http://loaminoo.linkpc.net/1091098090092099095/Perceptual-Intelligence-The-Brain-s-Secret-to-Seeing-Past-Illusion-Misperception-and-Self-Deception-by-Brian-Boxer-Wachler.pdf
    • http://loaminoo.linkpc.net/3099090096096095/The-Secret-Lives-of-Dresses-by-Erin-McKean.pdf
    • http://loaminoo.linkpc.net/2093091091099095/My-Brain-is-Hanging-Upside-Down-by-David-Heatley.pdf
    • http://loaminoo.linkpc.net/9095098095097093/Strange-Tales-of-Secret-Lives-by-Jeff-VanderMeer.pdf
    • http://loaminoo.linkpc.net/2092094098090090/Secret-Lives-Darke-Academy-1-by-Gabriella-Poole.pdf
    • http://loaminoo.linkpc.net/2094092097091098/The-Secret-Lives-of-People-in-Love-by-Simon-Van-Booy.pdf
    • http://loaminoo.linkpc.net/3091094091093093/An-Unsuitable-Duchess-Secret-Lives-of-the-Ton-1-by-Laurie-Benson.pdf
    • http://loaminoo.linkpc.net/1090092096095098/How-We-Live-and-Why-We-Die-The-Secret-Lives-of-Cells-by-Lewis-Wolpert.pdf
    • http://loaminoo.linkpc.net/2091097093093095/Hot-for-Him-Secret-Lives-of-Daytime-Divas-3-by-Sarah-Mayberry.pdf
    • http://loaminoo.linkpc.net/5097096097095093/What-Makes-Your-Brain-Happy-and-Why-You-Should-Do-the-Opposite-by-David-DiSalvo.pdf
    • http://loaminoo.linkpc.net/6093095095097096/Beneath-the-Metropolis-The-Secret-Lives-of-Cities-by-Alex-Marshall.pdf
    • http://loaminoo.linkpc.net/4094090090091/Goddess-The-Secret-Lives-of-Marilyn-Monroe-by-Anthony-Summers.pdf
    • http://loaminoo.linkpc.net/3099090096096095/

Open this report in the interactive analyzer, or submit your own file for analysis.