Malicious PDF — malware analysis report

Static analysis result for SHA-256 2de9445eae68dfde…

MALICIOUS

PDF

16.3 KB
Created: 2019-04-30 04:32:45 +01:00
Authoring application: mPDF 5.7
First seen: 2021-04-01
MD5: a33e1140d4f7bde3303cc121ed566301
SHA-1: db92eefa2691852c78f7df7f02ba893153ddd284
SHA-256: 2de9445eae68dfde55d379b5b0e3a8ff8cad44de7918b89e57904f9d1685c289
Risk Score: 100

Machine Learning

  • Nyx PDF Classifier malicious score 0.9811

Heuristics 3

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure | low | SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.