Malicious PDF — malware analysis report

Static analysis result for SHA-256 aa60cc71a33f74eb…

MALICIOUS

PDF

15.6 KB Created: 2019-04-30 09:01:40 +01:00 Authoring application: mPDF 5.7
MD5: 4727113f75fa93dc5671a43c5289cd07 SHA-1: e06d5f64f79e2d38083843a962a4984c7e1c1379 SHA-256: aa60cc71a33f74ebbced89330eae1218c2ceaba30c505fb2d53195eef20ecbaa
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1204.002 Malicious Link

The PDF document contains a large number of embedded URLs, forming a link farm. The primary heuristic indicates this is a critical finding, suggesting the document's purpose is to direct users to numerous external sites. While the specific intent beyond link distribution is unclear, the sheer volume of links points to a potential SEO manipulation or a broad phishing attempt. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/5090098096091094/August-Strindberg-Selected-Essays-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/4094091091092094/By-the-Open-Sea-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/2096094096094093/Easter-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/1091097091092096098/Heiraten-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/4097094093094097/Three-Plays-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/9094098092093095/August-Strindberg-by-Olaf-Lagercrantz.pdf
    • http://loaminoo.linkpc.net/4091099092096092/Miss-Julie-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/2096094096097090/The-Road-to-Damascus-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/2096093099093098/The-Dance-of-Death-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/4093099091097093/Miss-Julie-and-Other-Plays-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/8098096093093092/From-an-Occult-Diary-Marriage-With-Harriet-Bosse-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/3090094091097095/There-Are-Crimes-and-Crimes-by-August-Strindberg.pdf
    • http://loaminoo.linkpc.net/1098095092095099/Boo-and-Baa-Have-Company-by-Olof-Landstr-m.pdf
    • http://loaminoo.linkpc.net/1090094097093090096/The-Messenger-Must-Die-by-Kjell-Olof-Bornemark.pdf
    • http://loaminoo.linkpc.net/8093094091099091/Politikern-Olof-Palme-by-Lars-Ingvar-Jonson.pdf
    • http://loaminoo.linkpc.net/1090094097093092090/The-Dividing-Line-A-Spy-Thriller-by-Kjell-Olof-Bornemark.pdf
    • http://loaminoo.linkpc.net/1090092092098092093/Archives-And-Libraries-In-The-City-Of-Assur-1-A-Survey-Of-The-Material-From-The-German-Excavations-Part-I-by-Olof-Pedersen.pdf
    • http://loaminoo.linkpc.net/4097096090095095/Strindberg-A-Life-by-Sue-Prideaux.pdf
    • http://loaminoo.linkpc.net/3099092093091094/Master-of-Wisdom-Writings-of-the-Buddhist-Master-Nagarjuna-by-Christian-Lindtner.pdf
    • http://loaminoo.linkpc.net/4098090094097093/Miria-Becomes-His---Owned-by-the-Master-Book-One-A-BDSM-Master-Slave-Romance-by-Casey-Cane.pdf
    • http://loaminoo.linkpc.net/1090094097093090

Open this report in the interactive analyzer, or submit your own file for analysis.