Malicious PDF — malware analysis report

Static analysis result for SHA-256 bdad1af636abeca6…

MALICIOUS

PDF

Size: 14.6 KB
Created: 2019-04-30 02:31:20 +01:00
Authoring application: mPDF 5.7
MD5: 0d0435873e7e46e236bd7adcb9022df7
SHA-1: 7f6bfe39ce05c02d6a81274d6eaed281ee734cae
SHA-256: bdad1af636abeca6b8a6a9f22ed48363c4ada400e31570134e6b99261fbaa70f
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF document contains a large number of embedded URLs, each pointing to a PDF file with a book title in its name. This technique is often used for SEO poisoning or to lure users to malicious content. The ML classifier strongly indicated maliciousness, and the PDF_SEO_LINK_FARM heuristic confirms the presence of a link farm, suggesting a phishing or redirection attempt.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info (EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.