Malicious PDF — malware analysis report

Static analysis result for SHA-256 1ba757ee26ee776d…

MALICIOUS

PDF

Size: 15.5 KB
Created: 2019-04-30 04:25:43 +01:00
Authoring application: mPDF 5.7
MD5: 3811bb2dc9c50a6a5281447d19df89a5
SHA-1: 9a317c8c1607f2a0a1e86ff3afffcbbc7e3d135e
SHA-256: 1ba757ee26ee776d951496e340d5097f5cbd8afcb5179de47297e74bd2b07d81
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links to external PDF documents hosted on the domain 'muicuiu.dumb1.com'. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this PDF as malicious with high confidence. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9880

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.