Malicious PDF — malware analysis report

Static analysis result for SHA-256 1d5d14239ca836c0…

MALICIOUS

PDF

Size: 15.7 KB
Created: 2019-04-30 05:15:57 +01:00
Authoring application: mPDF 5.7
MD5: aa6e53f89b82c8d69346afd33bd1efbc
SHA-1: a54d65135bc6c7e1c29b6a3167ecbe0e8a6f8852
SHA-256: 1d5d14239ca836c0532fba4ef5ebbbd558c4d402d220fe517dca2c70837d9c0a
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1566.002 Spearphishing Link

The PDF contains a large number of external links, identified as a link farm. The ML classifier also flagged this PDF as malicious. The embedded URLs, while individually classified as benign, contribute to the overall suspicious nature of the document by creating a large external link farm. This suggests a potential SEO poisoning attack or a method to distribute malicious content via numerous links.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.