Malicious PDF — malware analysis report

Static analysis result for SHA-256 f51be0edf853ea12…

MALICIOUS

PDF

Size: 12.6 KB
Created: 2019-05-05 16:29:28 +01:00
Authoring application: mPDF 5.7
MD5: 61ad558eaaaabfc2bb903e90387fb156
SHA-1: 1ba934098a56aa59755fe843a0a468374e19d18f
SHA-256: f51be0edf853ea12f6ad56f5bf8d8f43d1caf45b6d8a9144b9b820668f283ab3
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. These links point to various PDF files hosted on 'loaminoo.linkpc.net', suggesting a link farm or redirection scheme. The primary purpose appears to be driving traffic to these external resources, which are likely malicious or part of a larger phishing campaign. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.