Malicious PDF — malware analysis report

Static analysis result for SHA-256 2be0a7f4d95d67dc…

MALICIOUS

PDF

24.4 KB
Created: 2019-05-07 08:30:17 +01:00
Authoring application: mPDF 5.7
First seen: 2021-06-20
MD5: a6a532c9246d5c6d9b53b649c589a536
SHA-1: 714e4908714ab1899c8af8a9d5982773335bbaa8
SHA-256: 2be0a7f4d95d67dcbf025f891335600c542bc69c9836c5b97f14191e6bdb81b3
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links, identified as a link farm, which suggests an intent to redirect users. Although the document body is heavily obfuscated, the numerous URLs and the 'PDF_SEO_LINK_FARM' heuristic indicate a likely attempt to distribute malicious content or phish users. The ML classifier also flagged the document as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9716

Heuristics 3

  • Small PDF contains mass external PDF link farm (severity: critical; heuristic: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (severity: low; heuristic: SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (severity: info; heuristic: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.