Malicious PDF — malware analysis report

Static analysis result for SHA-256 33682ddf069b9e8f…

MALICIOUS

PDF

Size: 14.7 KB
Created: 2019-04-30 05:43:40 +01:00
Authoring application: mPDF 5.7
MD5: e910849f0dc153ff796e496561ecbec4
SHA-1: 1583679a273773f08edc80858011147513526b48
SHA-256: 33682ddf069b9e8f21fe9f71a5348089340653592f136c504c3a6cb3165e7983
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO poisoning or to distribute malicious content. The ML classifier strongly indicated maliciousness. While no scripts were extracted, the PDF structure and link farm heuristic suggest a malicious intent to redirect users to potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.