Malicious PDF — malware analysis report

Static analysis result for SHA-256 f018749f61fae34c…

MALICIOUS

PDF

Size: 12.7 KB
Created: 2019-04-30 18:32:44 +01:00
Authoring application: mPDF 5.7
MD5: b756949cb125d31da5b2f87052a8c998
SHA-1: 03cbb57d46d037ee45a302e3b32f6679b68b0e03
SHA-256: f018749f61fae34c1bb59baa6ab63a433a1a112972fa646e8c55491b7849d4af
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious. While the URLs themselves are currently marked as benign, the sheer volume and the nature of the heuristic suggest a link farm intended to drive traffic, potentially to malicious sites or for SEO manipulation. No scripts were extracted, and the document body was unreadable.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.