PDF malware analysis — malicious · 98d7c02c35186959

MALICIOUS

PDF

17.5 KB Created: 2019-05-02 05:54:20 +01:00 Authoring application: mPDF 5.7

MD5: 469f93029e470ad7af1729ff6b0feaad SHA-1: 656f1ccb55aa6aed39345ef78f309a610dd601f0 SHA-256: 98d7c02c35186959616f734b8073c006de53c8e891d9c4812a7c066a833861ce

90 Risk Score

Malware Insights

MITRE ATT&CK

T1566.001 Phishing: Spearphishing Attachment T1059.001 Command and Scripting Interpreter: PowerShell

The PDF file contains a large number of embedded URLs, identified as a link farm. The primary heuristic indicates this is a critical finding related to SEO poisoning. While the URLs themselves are marked as benign, the sheer volume and the heuristic firing suggest a malicious intent to direct traffic or potentially host malicious content. No scripts were extracted from this sample.

Machine Learning

Nyx PDF Classifier malicious score 0.9925

Heuristics 2

Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM

Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
URL http://unieoooq.linkpc.net/24e94e04e44e94e1/Mail-Order-Doctor-Brides-of-Tombstone-2-by-Cynthia-Woolf.pdf
- http://unieoooq.linkpc.net/44e94e44e64e54e3/Nellie-The-Brides-of-San-Francisco-1-by-Cynthia-Woolf.pdf
- http://unieoooq.linkpc.net/14e74e34e74e74e7/Montana-Bride-Mail-Order-Brides-3-by-Joan-Johnston.pdf
- http://unieoooq.linkpc.net/74e34e44e74e4/Emma-Mail-Order-Brides-Club-1-by-Ashley-Merrick.pdf
- http://unieoooq.linkpc.net/94e74e84e44e04e0/Emmy-Lou-Come-By-Chance-Mail-Order-Brides-6-by-Juliet-James.pdf
- http://unieoooq.linkpc.net/24e04e44e24e44e9/Blackthorne-s-Bride-Mail-Order-Brides-4-by-Joan-Johnston.pdf
- http://unieoooq.linkpc.net/24e94e24e54e94e4/Mail-Order-Meddler-Brides-of-Beckham-10-by-Kirsten-Osbourne.pdf
- http://unieoooq.linkpc.net/24e44e54e94e04e7/Texas-Bride-Mail-Order-Brides-1-by-Joan-Johnston.pdf
- http://unieoooq.linkpc.net/74e64e14e64e04e8/The-Dancing-Bride-Central-City-Brides-1-by-Cynthia-Woolf.pdf
- http://unieoooq.linkpc.net/74e14e34e14e04e0/Sorcha-Clover-Springs-Mail-Order-Brides-3-by-Rachel-Wesson.pdf
- http://unieoooq.linkpc.net/54e74e74e84e8/Westward-Winds-Montana-Mail-Order-Brides-1-by-Linda-Bridey.pdf
- http://unieoooq.linkpc.net/44e14e44e34e94e8/Darcy-Mail-Order-Brides-of-the-West-5-Montana-Sky-by-Debra-Holland.pdf
- http://unieoooq.linkpc.net/24e44e64e04e84e3/Desperate-Lola-The-Mail-Order-Brides-of-Boot-Creek-2-by-Carr-White.pdf
- http://unieoooq.linkpc.net/94e24e74e84e74e4/The-Miner-s-Healing-Bride-Big-Bertha-s-Mail-Order-Brides-5-by-Faith-Johnson.pdf
- http://unieoooq.linkpc.net/64e14e94e14e14e9/Nancy-amp-Claudine-The-Mail-Order-Brides-of-Russets-Reach-4-by-Indiana-Wake.pdf
- http://unieoooq.linkpc.net/24e44e64e04e84e1/Shameful-Celia-The-Mail-Order-Brides-of-Boot-Creek-3-by-Carr-White.pdf
- http://unieoooq.linkpc.net/44e24e14e14e24e2/Hearts-West-True-Stories-of-Mail-Order-Brides-on-the-Frontier-by-Chris-Enss.pdf
- http://unieoooq.linkpc.net/64e84e84e34e74e0/Zeke-Bayou-Springs-Alien-Mail-Order-Brides-1-Intergalactic-Dating-Agency-8-by-Kenzie-Cox.pdf
- http://unieoooq.linkpc.net/94e84e84e84e94e1/Big-Beautiful-Bride-For-The-Reluctant-Preacher-Colorado-Wildnerness-Mail-Order-Brides-1-by-Rosie-Attwood.pdf
- http://unieoooq.linkpc.net/44e44e34e74e04e4/Axion-Red-Rock-Alien-Mail-Order-Brides-2-Intergalactic-Dating-Agency-11-by-Erin-Kellison.pdf
- http://unieoooq.linkpc.net/24e44e64e04e84e3/Desperate-Lola-The-Mail-Order-Brides-of-Boot-Creek

Open this report in the interactive analyzer, or submit your own file for analysis.