Malicious PDF — malware analysis report

Static analysis result for SHA-256 e25367173dd0e243…

MALICIOUS

PDF

15.3 KB Created: 2019-04-30 17:59:00 +01:00 Authoring application: mPDF 5.7
MD5: 6ea9105cbe2527e69e735ff00afaa1ac SHA-1: dfd455c2e249d99830f4eea19292cb24b5b8346c SHA-256: e25367173dd0e243a8e9de8dee878a527298698ca4ceed4a4e0c9db38457b7fa
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.001 PowerShell

The PDF file contains a large number of embedded links to external PDF documents, all hosted on the domain 'loaminoo.linkpc.net'. This pattern is indicative of a link farm or a lure to a large collection of potentially malicious content. No scripts were extracted, and the document body was heavily obfuscated, preventing a deeper analysis of the immediate intent beyond the link farm. The primary IOCs are the URLs pointing to the external PDFs.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://loaminoo.linkpc.net/2092099094095096/Anne-Frank-Diary-of-a-Young-Girl-by-Myrna-Warren.pdf
    • http://loaminoo.linkpc.net/3097091091096091/Anne-Frank-The-Diary-of-a-Young-Girl-The-Definitive-Edition-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/5095090097090096/The-Diary-of-a-Young-Girl-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/9094092097099/The-Diary-of-a-Young-Girl-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/2098096097098095/The-Diary-of-a-Young-Girl-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/9098091097094/The-Diary-of-a-Young-Girl-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/7099095095097094/The-Diary-of-a-Young-Girl-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/6097093096099096/The-Diary-of-a-Young-Girl-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/2092099093092095/Anne-Frank-the-Diary-of-a-Young-Girl-by-M-E-Blau.pdf
    • http://loaminoo.linkpc.net/2092099095096096/Anne-Frank-The-Diary-of-a-Young-Girl-by-Marcia-Tretler.pdf
    • http://loaminoo.linkpc.net/2092099094093095/Anne-Frank-s-The-Diary-of-a-Young-Girl-Monarch-Notes-by-Eugenie-Harris.pdf
    • http://loaminoo.linkpc.net/6094098094094097/Anne-Frank-The-Story-of-a-Young-Girl-Simplified-Characters-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/9092097090092095/Diary-of-Anne-Frank-in-Dari-Persian-or-Farsi-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/6093096094094091/The-Diary-of-Anne-Frank-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/4094092097091096/Anne-Frank-s-Diary-The-Graphic-Novel-by-Ari-Folman.pdf
    • http://loaminoo.linkpc.net/9090093097095099/Reading-the-Diary-of-Anne-Frank-by-Neil-Heims.pdf
    • http://loaminoo.linkpc.net/2093092090098/The-Diary-of-Anne-Frank-And-Related-Readings-by-Frances-Goodrich.pdf
    • http://loaminoo.linkpc.net/6093097098099094/There-We-ll-Meet-Again-Young-German-Girl-s-Diary-of-the-First-World-War-by-Piete-Kuhr.pdf
    • http://loaminoo.linkpc.net/2095092092091098/Young-Nanny-A-Victorian-Girl-s-Diary-1850-by-Frances-Mary-Hendry.pdf
    • http://loaminoo.linkpc.net/1091091092094094096/Anne-Frank-s-Tales-from-the-Secret-Annex-A-Collection-of-Her-Short-Stories-Fables-and-Lesser-Known-Writings-by-Anne-Frank.pdf
    • http://loaminoo.linkpc.net/2092099094093095/Anne-Frank-

Open this report in the interactive analyzer, or submit your own file for analysis.