Malicious PDF — malware analysis report

Static analysis result for SHA-256 e5162714d588bacb…

MALICIOUS

PDF

Size: 16.0 KB
Created: 2019-04-30 04:25:07 +01:00
Authoring application: mPDF 5.7
MD5: 8db935d57695fc8ca02c454915dd3f87
SHA-1: 74710397e2852101e6562faac45049abedb62862
SHA-256: e5162714d588bacb269520acb75af8901e4d6f2e7bdc60c98e4b9d7f725993b3
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file was identified as malicious due to a critical heuristic firing for a large number of external links, suggesting a link farm. While the document body was unreadable, the embedded URLs point to a large collection of PDF files, likely intended to manipulate search engine results or distribute further content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.