Malicious PDF — malware analysis report

Static analysis result for SHA-256 c70541f9617bbcfb…

MALICIOUS

PDF

Size: 13.6 KB
Created: 2020-03-19 00:53:50 +00:00
Authoring application: mPDF 5.7
MD5: 9254bbd161c4001f05bafc6109c4a401
SHA-1: 3f998c861a369a66191ace7074350c8d859f5f67
SHA-256: c70541f9617bbcfbf29343bd1f2d78f4a7c75db88f87c568885a940b8f2a305b
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. These URLs point to external domains and appear to be part of a link farm, likely intended for SEO manipulation or to distribute further malicious content. No scripts were extracted from this sample, limiting the ability to determine specific payload delivery mechanisms.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.