Malicious PDF — malware analysis report

Static analysis result for SHA-256 d324aa75527ffc9e…

MALICIOUS

PDF

Size: 14.3 KB
Created: 2019-05-02 07:17:01 +01:00
Authoring application: mPDF 5.7
MD5: d0349d6f4fe988b7f4e339c47b2dcffa
SHA-1: 5f5e051966bb4f11fde46bdd649d2cae992a1b7a
SHA-256: d324aa75527ffc9e2bc7d645f3f99ff36c1b7bc59fec8be8b43c7b3072e0669f
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 User Execution: Malicious File

The PDF contains a large number of embedded links, which triggered the 'PDF_SEO_LINK_FARM' heuristic. While the URLs themselves are marked as benign, their sheer volume and structure suggest malicious intent, possibly SEO manipulation or distribution of further payloads. The ML classifier also flagged the PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.