Malicious PDF — malware analysis report

Static analysis result for SHA-256 f5e4a8231c3863fb…

MALICIOUS

PDF

Size: 12.8 KB
Created: 2019-04-30 08:12:34 +01:00
Authoring application: mPDF 5.7
MD5: ccecbeb70087abe0ee0aea14a542ce3d
SHA-1: 460809cb1b6a9bd1247d9e561891cb36cf457f78
SHA-256: f5e4a8231c3863fb6d5b22ff5348e7d7380b9ebcc8de1b398738a105ccb4d8aa
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files hosted on the 'loaminoo.linkpc.net' domain. This heuristic hit, combined with the ML classifier score, indicates malicious intent to redirect users to potentially harmful content. The document body itself is heavily obfuscated but contains the same URLs, reinforcing the link-farm strategy.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8905

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.