Malicious PDF — malware analysis report

Static analysis result for SHA-256 00114404107d03e9…

MALICIOUS

PDF

Size: 14.7 KB
Created: 2019-04-30 04:26:49 +01:00
Authoring application: mPDF 5.7
First seen: 2021-06-04
MD5: 4f94e49f70ff3c76e7c6c5905b3d182a
SHA-1: e44efc5e12540c50507da964cfa86bfcb6e6ad98
SHA-256: 00114404107d03e9a47c6aab7417103af01993ad0bdca279fae109df71e93a5f
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links, identified as a 'PDF_SEO_LINK_FARM' heuristic. While the document body is heavily obfuscated, the presence of numerous links suggests an attempt to manipulate search engine results or direct users to a large collection of external content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 3

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (severity: low, ID: SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.