Malicious PDF — malware analysis report

Static analysis result for SHA-256 a9403684c57b19de…

MALICIOUS

PDF

Size: 14.0 KB
Created: 2019-04-30 02:17:31 +01:00
Authoring application: mPDF 5.7
MD5: 5df1f546c1cf8d4eb6a86db3c1a9979b
SHA-1: a65bc2d465358b6b193dfa5aafa927eb84c38b3b
SHA-256: a9403684c57b19de69849b874f0e949d7083ec3170cd1f52bf6560327d305730
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded URLs, which triggered the PDF_SEO_LINK_FARM heuristic. These URLs point to various book titles hosted on loaminoo.linkpc.net. While the URLs themselves are marked as confirmed_benign, the sheer volume and the nature of the heuristic suggest a potential attempt to use the document for SEO manipulation or to lure users into downloading potentially malicious content disguised as legitimate files. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.