Malicious PDF — malware analysis report

Static analysis result for SHA-256 c14cc9df22629d86…

MALICIOUS

PDF

File size: 38.7 KB
Created: 2019-04-30 05:14:06 +01:00
Authoring application: mPDF 5.7
MD5: 8f49826bece1bc087ad77332f927359c
SHA-1: 3ceee092673ae0c0cd800b8c653388b3fba8609a
SHA-256: c14cc9df22629d865c4e1acf51c9d3040a438b11e01c82a6e3fe62cbad0c3efd
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. These links appear to be part of a link farm designed to direct users to various websites. The document body contains many of these URLs, suggesting a lure to click through to external content. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.