Malicious PDF — malware analysis report

Static analysis result for SHA-256 31f872b52e552cae…

MALICIOUS

PDF

16.1 KB
Created: 2019-04-30 04:01:10 +01:00
Authoring application: mPDF 5.7
MD5: ad5eb9b7ffcaf2cc537714b7b6971c56
SHA-1: 5b1d387934a4cbf28ad07f9600eb6b233a8c95c9
SHA-256: 31f872b52e552cae1fa99dbca49241c89d0cfe1aeb612987cffae90f301fe9a0
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, which is indicative of a link farm or SEO poisoning attack. The ML classifier also flagged this PDF as malicious. The primary goal appears to be directing users to a multitude of external URLs, likely for malicious purposes such as phishing or malware distribution.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9811

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.