Malicious PDF — malware analysis report

Static analysis result for SHA-256 3a3583482c50cde3…

MALICIOUS

PDF

Size: 13.0 KB
Created: 2019-05-07 04:46:38 +01:00
Authoring application: mPDF 5.7
MD5: 07ee9b145807a2d991b780d525c2467e
SHA-1: a5848b2414abb88a74c1f8be887a0b4d8afee644
SHA-256: 3a3583482c50cde38379100ecf94932edc86c38cf6e777bdca25d5ee79ea259e
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. While many of these links point to benign content, the sheer volume and the ML classifier's high confidence score suggest malicious intent, possibly SEO spam or hosting of further malicious content. No scripts were extracted, which limits analysis of direct execution capabilities.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9006

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.