Malicious PDF — malware analysis report

Static analysis result for SHA-256 df58c856a191676d…

MALICIOUS

PDF

Size: 15.9 KB
Created: 2020-03-18 21:17:12 +00:00
Authoring application: mPDF 5.7
MD5: 8850452e5b2e05521377c477b965b443
SHA-1: 3029770c360b5bb950f88e10066dbeb5b269406f
SHA-256: df58c856a191676d63b9d568c61fcc6de37e619791fd49c4d58651d7d235b809
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF triggers a link-farm heuristic: it contains 21 embedded URLs pointing to external PDF documents. The document body itself is heavily obfuscated and unreadable, but the embedded URLs suggest a potential SEO poisoning or content distribution attack. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.