Malicious PDF — malware analysis report

Static analysis result for SHA-256 be5a5a7cb996781d…

MALICIOUS

PDF

13.5 KB Created: 2019-05-02 05:25:47 +01:00 Authoring application: mPDF 5.7
MD5: a58a88844ff55cd9a7960c82309eeba1 SHA-1: 287774f1728d5223e7a491b5bc1c9915d760188b SHA-256: be5a5a7cb996781dbd53e38cc75f4887886899a34462a051dc48bcd634b98807
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF document contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious with a high probability. The embedded links, such as http://loaminoo.linkpc.net/1092094098095095/Haunting-Joy-Haunting-Joy-1-by-Lena-Goldfinch.pdf, are likely intended to direct users to malicious websites or to engage in SEO spam tactics. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9877

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/1092094098095095/Haunting-Joy-Haunting-Joy-1-by-Lena-Goldfinch.pdf
    • http://loaminoo.linkpc.net/4095096/The-Haunting-of-Sunshine-Girl-The-Haunting-of-Sunshine-Girl-1-by-Paige-McKenzie.pdf
    • http://loaminoo.linkpc.net/1096092090097096/The-Language-of-Souls-by-Lena-Goldfinch.pdf
    • http://loaminoo.linkpc.net/4099095095095093/The-Bartered-Bride-The-Brides-3-by-Lena-Goldfinch.pdf
    • http://loaminoo.linkpc.net/4094094094099097/A-Winter-Haunting-by-Dan-Simmons.pdf
    • http://loaminoo.linkpc.net/2090098091093098/The-Haunting-by-Nicole-Garcia.pdf
    • http://loaminoo.linkpc.net/2096097094091/A-Winter-Haunting-by-Dan-Simmons.pdf
    • http://loaminoo.linkpc.net/5096092095095094/The-Seven-Go-Haunting-by-Evelyne-Lallemand.pdf
    • http://loaminoo.linkpc.net/4091097092095/Haunting-Rachel-by-Kay-Hooper.pdf
    • http://loaminoo.linkpc.net/1098094092097096/The-Haunting-of-Granite-Falls-by-Eva-Ibbotson.pdf
    • http://loaminoo.linkpc.net/1090093098098098095/Haunting-Sarah-by-Maggie-Chatterley.pdf
    • http://loaminoo.linkpc.net/5092098093090096/The-Haunting-of-Blackwych-Grange-by-Amy-Cross.pdf
    • http://loaminoo.linkpc.net/9097099092094/The-Haunting-Season-by-Michelle-Muto.pdf
    • http://loaminoo.linkpc.net/1090096092092097/The-Haunting-of-Pico-by-Patrick-Kampman.pdf
    • http://loaminoo.linkpc.net/1090099098095093/Haunting-The-Dusty-Chronicles-1-by-B-J-Sheldon.pdf
    • http://loaminoo.linkpc.net/7097098094098/Street-Haunting-by-Virginia-Woolf.pdf
    • http://loaminoo.linkpc.net/1094098097099095/Deception-Haunting-Emma-1-by-Lee-Nichols.pdf
    • http://loaminoo.linkpc.net/4093091094095093/The-Haunting-of-Brier-Rose-by-Patricia-Simpson.pdf
    • http://loaminoo.linkpc.net/8092098096093093/The-Lee-Avenue-Haunting-by-Donna-Parish-Bischoff.pdf
    • http://loaminoo.linkpc.net/3096094098090098/Haunting-Miss-Trentwood-by-Belinda-Kroll.pdf
    • http://loaminoo.linkpc.net/1090

Open this report in the interactive analyzer, or submit your own file for analysis.