Malicious PDF — malware analysis report

Static analysis result for SHA-256 33f18f75542c0964…

MALICIOUS

PDF

Size: 18.5 KB
Created: 2019-04-30 17:51:56 +01:00
Authoring application: mPDF 5.7
MD5: 819d11dd0e75ab39c979b5ba8e250a5f
SHA-1: f438c7f3bfa61a0578cea9a7b2b269bbea05e50e
SHA-256: 33f18f75542c09648c51b2be4ac489424380b2985bba53ead8afe417a8f3aba1
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, hosted on a domain associated with a link farm. This suggests a tactic to distribute malicious content or lead users to potentially harmful sites. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9920

Heuristics (2)

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.