Malicious PDF — malware analysis report

Static analysis result for SHA-256 c3577dc0f4662c6f…

MALICIOUS

PDF

  • Size: 10.9 KB
  • Created: 2019-05-02 17:50:39 +01:00
  • Authoring application: mPDF 5.7
  • MD5: abac10874411dd38f370a778c40e89df
  • SHA-1: 75c178815c72cd0d82dd3f4dcb831872a65e6d30
  • SHA-256: c3577dc0f4662c6f57b68e5a3241adc95abe29c2abd8ceb44e7443114536938c
  • Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO manipulation or to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' specifically flags this behavior, indicating a potential attempt to drive traffic or distribute further payloads. While the URLs themselves are currently marked as benign, the sheer volume of links and the nature of the heuristic suggest malicious intent, likely to lead users to malicious content or phishing pages.

Machine Learning

  • Nyx PDF Classifier malicious score 0.6061

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.