Pdf.Dropper.Agent-7384459-0 — PDF malware analysis

Static analysis result for SHA-256 26825b33bbac9369…

MALICIOUS

PDF

16.2 KB
Created: 2019-05-02 00:50:24 +01:00
Authoring application: mPDF 5.7
MD5: ebd397e9e2b9a95ded3bddece31eb2ed
SHA-1: e46752d9261a09d2f33c9034198b30731ed34ca9
SHA-256: 26825b33bbac93690366cd2a0a5d41c53012051c205da15b9e567f540da10776
70 Risk Score

Malware Insights

Pdf.Dropper.Agent-7384459-0 · confidence 95%

MITRE ATT&CK
T1204.002 Malicious File
T1566.002 Spearphishing Attachment

The ClamAV heuristic identified this PDF as a dropper, and a PDF_URI heuristic found an external URL embedded within the document. The DOC BODY also contains this URL, suggesting it is intended to be presented to the user. The presence of a download button lure further supports the malicious intent of directing the user to download content from the identified URL.

Heuristics 4

  • ClamAV: Pdf.Dropper.Agent-7384459-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7384459-0
  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://muicuiu.dumb1.com/7a09a06a05a00/The-Unthinkable-Thoughts-of-Jacob-Green-by-Joshua-Braff.pdf