Malicious PDF — malware analysis report

Static analysis result for SHA-256 ce5142c9e3f0585f…

MALICIOUS

PDF

Size: 12.2 KB
Created: 2019-04-30 04:06:35 +01:00
Authoring application: mPDF 5.7
MD5: 45013180aac9947d5c65292584592b2a
SHA-1: d9c4ba57600fae9e3c0a4981d68ab2dc835362ea
SHA-256: ce5142c9e3f0585fc95e03c5d181d1de0dfcba007291b51920ac19779d33cf68
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

A link-farm heuristic fired on this PDF: it embeds numerous URLs pointing to external PDF documents. The document body is unreadable, but the presence of a link farm suggests an attempt to manipulate search engine results or to distribute further malicious content. The primary attack pattern involves leveraging these links for potentially harmful purposes.

Heuristics (2)

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.