Malicious PDF — malware analysis report

Static analysis result for SHA-256 a625e576ebb62fa6…

MALICIOUS

PDF

Size: 14.9 KB
Created: 2019-05-02 19:39:24 +01:00
Authoring application: mPDF 5.7
MD5: 8e8239dbc52a81c95fe83a87ca62b3ec
SHA-1: 2bce9d18f84bdb9295936ce5a46c9cb68efd62d5
SHA-256: a625e576ebb62fa69155103b96758b88287e16efa745162efed0acf22af1aa74
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a significant number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. These URLs point to various book titles hosted on the 'loaminoo.linkpc.net' domain. While the URLs themselves are marked as confirmed benign, the sheer volume and structure suggest a link farm or SEO manipulation tactic, which can be a precursor to malicious activity. No scripts were extracted, and the document body was heavily corrupted, limiting further analysis of the specific intent.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.