Malicious PDF — malware analysis report

Static analysis result for SHA-256 e7218d5c92363990…

MALICIOUS

PDF

Size: 17.9 KB
Created: 2019-05-02 18:29:27 +01:00
Authoring application: mPDF 5.7
MD5: dda78d91b2cb79f53ccb8e3af23f77e2
SHA-1: 00425046d3b5b682d9895062be4b046117683aa5
SHA-256: e7218d5c923639902e3a16504b93b3d03f716a9abe2a8c82373f895a69014679
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links to external PDF documents, a technique often used for SEO manipulation or to distribute malicious content. The ML classifier strongly indicated maliciousness. No scripts were extracted, and the document body was heavily obfuscated, preventing a deeper analysis of its specific intent beyond link distribution.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.