Malicious PDF — malware analysis report

Static analysis result for SHA-256 c8de9e13138b4580…

MALICIOUS

PDF

17.0 KB
Created: 2019-05-02 01:15:58 +01:00
Authoring application: mPDF 5.7
MD5: 99863d073811daed09b015829a43cdc9
SHA-1: 73ffe524746f0db76f5f35eabd9d50d06ae4e848
SHA-256: c8de9e13138b4580bc11482e393e13befe559b16910c11cae5ab703badef3ffe
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file was flagged by a machine learning classifier and a critical heuristic for containing a large number of embedded links. These links, predominantly hosted on 'loaminoo.linkpc.net', suggest a link farm or a distribution mechanism for further malicious content. The document body was unreadable, but the presence of numerous links strongly indicates malicious intent to redirect users to potentially harmful sites.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.