Malicious PDF — malware analysis report

Static analysis result for SHA-256 34e615cd64295748…

MALICIOUS

PDF

Size: 12.5 KB
Created: 2019-05-07 08:18:09 +01:00
Authoring application: mPDF 5.7
MD5: b288b749cc25914a996c6b0804b9725e
SHA-1: 873b5867dcee44e0dfecc73167e59cf4ebf6b4d2
SHA-256: 34e615cd642957482dd4741eee7f3a0874a5e4aaca97558d35d7bab5d0eec3d3
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links, identified as a link farm, directing users to external PDF files. These links are presented in a way that suggests they are books, likely as a lure. The ML classifier also flagged this PDF as malicious. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.