PDF malware analysis — malicious · 93ba76676b7e972a

MALICIOUS

PDF

18.0 KB Created: 2019-05-07 06:21:46 +01:00 Authoring application: mPDF 5.7

MD5: 7c4f64344e73f441ff42dbd106b7e40f SHA-1: 7a540d1f2c627464bcaccb7846e72f4bc8056ded SHA-256: 93ba76676b7e972ae994b6de6191f867a9f0b7b8b403462694ca5c5b9f45df7e

60 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Spearphishing Attachment T1059.001 PowerShell

The PDF file contains a large number of embedded links to external PDF documents, a technique often used for SEO manipulation or to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass external PDF link farm, with the dominant host being 'loaminoo.linkpc.net'. While the document body is unreadable, the presence of numerous links suggests a deceptive or manipulative purpose. No scripts were extracted from this sample.

Heuristics 2

Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM

Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
URL http://loaminoo.linkpc.net/1091097099091091097/HOLY-BIBLE-FOR-CHILDREN-1-by-THEMIS-KOUTRAS.pdf
- http://loaminoo.linkpc.net/1091097099090090090/MY-MARTIAL-ART-STORY-BY-THEMIS-KOUTRAS-by-GOD-ALMIGHTY-CREATOR-OF-LIFE-EMANUEL-HOLY-PERFECT.pdf
- http://loaminoo.linkpc.net/1091097099091091093/Picture-reading-self-defense-by-THEMIS-KOUTRAS.pdf
- http://loaminoo.linkpc.net/1091097099091093094/SPACE-AND-TIME-TRAVELER-TRUTH-IS-NOW-REVEALED-by-THEMIS-KOUTRAS.pdf
- http://loaminoo.linkpc.net/8090097097092099/King-James-The-Holy-Bible-the-bible-bible-bible-study-jesus-religion-religious-heaven-king-james-old-testament-new-testament-prayer-books-christian-by-Anonymous.pdf
- http://loaminoo.linkpc.net/3094093091096098/Holy-Bible-One-Year-Bible-New-Living-Translation-Compact-Edition-by-Anonymous.pdf
- http://loaminoo.linkpc.net/1091099092097093090/The-Holy-Bible---ESV-Bible-The-Thinline-Edition-TruTone-Espresso-by-Anonymous.pdf
- http://loaminoo.linkpc.net/4092099093093098/The-Bible-s-Cutting-Room-Floor-The-Holy-Scriptures-Missing-from-Your-Bible-by-Joel-M-Hoffman.pdf
- http://loaminoo.linkpc.net/1091096099099091093/Holy-Bible-New-International-Version-with-concordance-dictionary-maps-and-other-Bible-study-resources-by-Anonymous.pdf
- http://loaminoo.linkpc.net/3096093097093090/The-Holy-Bible-by-Anonymous.pdf
- http://loaminoo.linkpc.net/3094090093093099/The-Holy-Bible-by-Anonymous.pdf
- http://loaminoo.linkpc.net/9096091097093/The-Holy-Bible-by-Anonymous.pdf
- http://loaminoo.linkpc.net/3092092098095092/Holy-Bible-by-Vanessa-Russell.pdf
- http://loaminoo.linkpc.net/7094096095095098/Holy-Bible-New-Century-Version-by-Anonymous.pdf
- http://loaminoo.linkpc.net/1091097098099091093/Themis-Bar-Review-2013-14-New-York-by-Themis.pdf
- http://loaminoo.linkpc.net/1091097098099093093/themis-bar-review-2012-2013-by-Themis.pdf
- http://loaminoo.linkpc.net/4095092096096093/The-Holy-Bible-Douay-Rheims-Version-by-Anonymous.pdf
- http://loaminoo.linkpc.net/1099091096093092/The-Holy-Bible-Douay-Rheims-Version-by-Anonymous.pdf
- http://loaminoo.linkpc.net/5092094097094/Holy-Bible-King-James-Version-by-Anonymous.pdf
- http://loaminoo.linkpc.net/3098090094097/The-Holy-Bible-English-Standard-Version-by-Anonymous.pdf
- http://loaminoo.linkpc.net/3094093091096098/H

Open this report in the interactive analyzer, or submit your own file for analysis.