Malicious PDF — malware analysis report

Static analysis result for SHA-256 c14ed94c7b6cffbe…

MALICIOUS

PDF

12.5 KB Created: 2019-05-02 05:10:52 +01:00 Authoring application: mPDF 5.7
MD5: 3d44ebea6f9d6f4d6dd806061ea6edd5 SHA-1: c15083a39f0c7846496c449829f86f62b02c924d SHA-256: c14ed94c7b6cffbe1b1da983aa77d35e94fa6fd75ae9c03c9967029beb9083b2
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. These links point to other PDF files hosted on loaminoo.linkpc.net. While the individual linked PDFs are marked as benign, the sheer volume and structure suggest a malicious intent, possibly for SEO manipulation, distributing further malicious content, or as part of a larger phishing campaign. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/4093090092098097/Law-Man-Dream-Man-3-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/8099098091096098/Wild-Man-Dream-Man-2-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/4097095098090097/Complicated-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/5097090098/Complicated-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/3095098091093/The-Will-Magdalene-1-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/3097094093093/For-You-The-Burg-1-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/2094095092097093/The-Deep-End-Honey-1-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/7096095097093096/Valentinos-Chaos-4-25-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/3096096090097091/Fantastical-Fantasyland-3-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/2095090096095091/At-Peace-The-Burg-2-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/4092096094091092/Free-Chaos-6-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/2093092096093090/Play-It-Safe-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/4095098093099092/Soaring-Magdalene-2-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/3099092095091095/The-Promise-The-Burg-5-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/1094098098099092/Wild-and-Free-The-Three-3-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/1092092095093095/Wild-Like-the-Wind-Chaos-5-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/3098090096091/Knight-Unfinished-Hero-1-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/3099090095093/Raid-Unfinished-Hero-3-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/1090094090092090093/Knight-Unfinished-Hero-1-by-Kristen-Ashley.pdf
    • http://loaminoo.linkpc.net/4097099091098099/More-Pleasure-than-Pain-Chaos-3-5-by-Kristen-Ashley.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.