PDF static analysis report

Static analysis result for SHA-256 1f892905c88456b5…

CLEAN

PDF

23.7 KB Created: 2018-02-26 15:02:03 -05:00 Authoring application: Microsoft® Word 2013 First seen: 2018-09-04
MD5: a80db7e6b21b6030514f817f84fba8e7 SHA-1: b10d37e46721852ef6f77bf71fd4a27da9fef895 SHA-256: 1f892905c88456b58f703bc183bff62e60737acb30b2fdc9c6500210bc729258
4 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1059.001 PowerShell

The PDF document contains an embedded URI pointing to 'http://extrememusclenutrition.com/images/Nutrition/Direct.php'. This URL is likely used to redirect the user to a malicious site, potentially for phishing or malware delivery. No scripts were extracted, limiting the ability to determine further actions.

Machine Learning

  • Nyx PDF Classifier clean score 0.0107

Heuristics 2

  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://extrememusclenutrition.com/images/Nutrition/Direct.php PDF link annotation
    • https://privacy.microsoft.com/en-us/privacystatementIn PDF document text