Malicious PDF — malware analysis report

Static analysis result for SHA-256 c5a66e4f3bb41470…

MALICIOUS

PDF

14.0 KB
Created: 2019-05-02 21:08:44 +01:00
Authoring application: mPDF 5.7
MD5: 6fdc04bd3b1181e9491d056a040a62a9
SHA-1: 93164f957ddec7cdb9b6a027716e9f4970dd14f5
SHA-256: c5a66e4f3bb41470eb2acf3b53ffff7d204f303ea48c375f56351ad05466b436
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a large number of embedded links, which triggered the PDF_SEO_LINK_FARM heuristic. The links point to various PDF files hosted on loaminoo.linkpc.net. While the URLs themselves are marked as benign, their sheer volume and pattern suggest potential SEO manipulation or a distribution mechanism for malicious content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.