Malicious PDF — malware analysis report

Static analysis result for SHA-256 06b2c2a5d2bb128d…

MALICIOUS

PDF

Size: 17.4 KB
Created: 2019-05-22 16:48:04 +01:00
Authoring application: mPDF 5.7
MD5: ea4e5159dcc3eab311a487c4bc9894c5
SHA-1: 2e9e4d0861bc2e9d265f1b56bd744bd0129ead2e
SHA-256: 06b2c2a5d2bb128dc6ac392e2663313aedadd8d62579706e66b6f29a5cb4fcc7
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, forming a link farm that directs users to external PDF files. This behavior is indicative of a phishing or content-luring campaign, likely intended to drive traffic or potentially distribute further malicious content. The ML classifier also strongly flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.