Malicious PDF — malware analysis report

Static analysis result for SHA-256 0d019a1ae989ed5f…

MALICIOUS

PDF

Size: 15.6 KB
Created: 2019-04-30 03:05:41 +01:00
Authoring application: mPDF 5.7
MD5: 94284bfd20c46f2e6855b1906dba27df
SHA-1: 81d112d22c2ae58c38b4d60a44c0cf5c68f48267
SHA-256: 0d019a1ae989ed5f944d619ba026601660778ec7d9149da8ef8446dbcb88bb68
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links, identified as a link farm, suggesting a deceptive tactic to redirect users. The ML classifier also flagged this PDF as malicious with high confidence. The presence of a visual download button further supports the lure, indicating an attempt to trick users into downloading potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 3

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.