Malicious PDF — malware analysis report

Static analysis result for SHA-256 d98349bc706aff17…

MALICIOUS

PDF

Size: 17.4 KB
Created: 2019-05-02 19:28:09 +01:00
Authoring application: mPDF 5.7
MD5: 4db8d7e3c6456b228d457ad65e1f0900
SHA-1: 5f9d673f638027b72b28daaa9973f66cf3f0829e
SHA-256: d98349bc706aff174aea1d4f24d2805bd9b981ca3d48511de551a962d459269f
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded links pointing to external PDF documents hosted on a dynamic DNS domain. This heuristic match suggests a link farm or a distribution mechanism for further content. Although the URLs themselves are marked as benign, their sheer volume and the nature of the hosting domain indicate a potential for malicious redirection or content delivery. No scripts were extracted, which limits analysis of direct payload execution.

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] [PDF_SEO_LINK_FARM]
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info [EMBEDDED_URL]
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.