Malicious PDF — malware analysis report

Static analysis result for SHA-256 d4affcabf373d393…

MALICIOUS

PDF

Size: 14.4 KB
Created: 2019-04-30 02:43:16 +01:00
Authoring application: mPDF 5.7
MD5: c705fd5ae9ea39d0dfeb70163a21ba80
SHA-1: add61a760faae3efbb8b0ffdac2f24378024ad7d
SHA-256: d4affcabf373d3932446b520da84f28483a7e4a3fb68b56ada37aaa091167200
90 Risk Score

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. These links point to various PDF documents hosted on the same domain, suggesting a link farm or a distribution mechanism for potentially malicious content. The ML classifier also flagged this PDF as malicious with high confidence. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9200

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.