Malicious PDF — malware analysis report

Static analysis result for SHA-256 31565e0457051a68…

MALICIOUS

PDF

18.0 KB
Created: 2019-05-02 01:43:30 +01:00
Authoring application: mPDF 5.7
MD5: 3a3e5c0846d29824212f9a34f8ee4c91
SHA-1: ec245b32438b4cfe78a20aed8f08c2786bae68d9
SHA-256: 31565e0457051a684239294d9b66fb3c1bb1e490c13b9d41e8929329a58b274d
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a link farm with 25 external links, all pointing to PDF documents. The ML classifier strongly indicated maliciousness. The primary attack pattern involves directing users to a large number of external resources, likely for SEO poisoning or to host malicious content disguised as legitimate documents.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.