Malicious PDF — malware analysis report

Static analysis result for SHA-256 25888b90c9383f9e…

MALICIOUS

PDF

Size: 23.3 KB
Created: 2019-05-01 17:03:05 +01:00
Authoring application: mPDF 5.7
First seen: 2021-06-17
MD5: d236b44ced2b7a8df859665ea8abba8a
SHA-1: edfb37df4bdce3826c9f9b2313ed710ab8c9e83a
SHA-256: 25888b90c9383f9ebc62df62e1d067f6fd195cf5c31271a4d436605ce41becfb
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDFs hosted on the domain 'kiteeearpdf.myhome.cx'. The heuristic that fired on this pattern, together with the ML classifier verdict, indicates malicious intent, likely related to SEO manipulation or distribution of further malware. No scripts were extracted from this sample; the embedded URLs are the primary indicators of compromise.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9903

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.