Malicious PDF — malware analysis report

Static analysis result for SHA-256 39635d7e2e01f051…

MALICIOUS

PDF

13.9 KB
Created: 2020-03-18 23:00:54 +00:00
Authoring application: mPDF 5.7
MD5: f291ee341eb5c1099a9f469b95e2b5f5
SHA-1: fde79b750e8b555d657327a2e4adf4af5256d788
SHA-256: 39635d7e2e01f05110cafd0ac3d66f7ecd0e69b767e6d009157ee29d136b260b
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs pointing to external websites, a technique often used for SEO manipulation or to distribute further malicious content. The ML classifier strongly supports a malicious verdict. The primary attack pattern involves directing users to a link farm hosted on 'ieuicufioao.myhome.cx'. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.