Malicious PDF — malware analysis report

Static analysis result for SHA-256 b9bf29cfa0ab65f9…

MALICIOUS

PDF

Size: 12.8 KB
Created: 2019-05-02 00:53:46 +01:00
Authoring application: mPDF 5.7
MD5: 5544dc04bd08b3c2216540054aff991c
SHA-1: 431d4bc1c54557e04162f128b14e801191463c1e
SHA-256: b9bf29cfa0ab65f9eb5b70a230db2db0ded92fe77ce4d94f3f64e264952fb29e
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. These links, such as http://loaminoo.linkpc.net/1097093095099095/Believe-A-Wanted-Christmas-Wanted-3-5-by-Kelly-Elliott.pdf, are likely intended to lure users to malicious websites for further exploitation or phishing. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.