Malicious PDF — malware analysis report

Static analysis result for SHA-256 c698967f0432e7e8…

MALICIOUS

PDF

Size: 13.9 KB | Created: 2019-04-30 04:23:58 +01:00 | Authoring application: mPDF 5.7
MD5: 9851983406f6ef01feaacd034e00ca3f
SHA-1: 1bbf3782d423d5db87ef1468aefdcfce10c3efc8
SHA-256: c698967f0432e7e8ef72206ce99c1390ab6c41a314a049c0feeb6e1e2fa5145f
90 Risk Score

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded URLs, identified as a link farm. While the URLs themselves are currently marked as benign, their sheer volume and structure suggest malicious intent, possibly SEO manipulation or use as a distribution point for further malware. The ML classifier also flagged this PDF with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.