Malicious PDF — malware analysis report

Static analysis result for SHA-256 37d2f64e6edd2ede…

MALICIOUS

PDF

Size: 17.5 KB
Created: 2019-05-02 00:49:05 +01:00
Authoring application: mPDF 5.7
MD5: ca655e64194cd005f5762555463c7d84
SHA-1: 74a0174952d5bac8b6801f5b08238cb5a0abb7c8
SHA-256: 37d2f64e6edd2ede2867deaa882fd9dde48c71c805834b7ac2de1876aab9509e
90 Risk Score

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a link farm pointing to numerous external PDF documents hosted on the domain 'muicuiu.dumb1.com'. This heuristic, combined with the ML classifier's high confidence, suggests malicious intent to redirect users to potentially harmful content. No scripts were extracted, and the document body was heavily obfuscated, which limited further analysis of the specific lure.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.