Malicious PDF — malware analysis report

Static analysis result for SHA-256 c11dccb3fca13270…

MALICIOUS

PDF

16.5 KB
Created: 2019-05-02 00:50:58 +01:00
Authoring application: mPDF 5.7
MD5: d833b5d20da06c3b096f65483cce1cf6
SHA-1: 833eed710d3853e73b7c65439bd19edb0f714141
SHA-256: c11dccb3fca13270ee1fabf92acac9db3f8471588fffa2061e81eef469620414
90 Risk Score

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. These URLs point to external resources, suggesting a tactic to drive traffic or host further malicious content. The ML classifier also flagged this PDF as malicious with high confidence. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9898

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.