Malicious PDF — malware analysis report

Static analysis result for SHA-256 b029543461f1a6c9…

MALICIOUS

PDF

Size: 13.1 KB
Created: 2019-05-02 18:58:53 +01:00
Authoring application: mPDF 5.7
MD5: 1b6ba5ed2749ad7d9f99a5ab7ef14764
SHA-1: 8136931de2e08aa249a89dbea7f458b8b77da35c
SHA-256: b029543461f1a6c9ebef24531df43d83f8a1d9fcaeb742be84e5b7cff25407f0
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded links to external PDF files, primarily hosted on the loaminoo.linkpc.net domain. This suggests a link farm or redirection scheme designed to drive traffic to other content. The ML classifier also flagged this PDF as malicious. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9006

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.