Malicious PDF — malware analysis report

Static analysis result for SHA-256 3e9720410288c0ae…

MALICIOUS

PDF

File size: 13.6 KB
Created: 2019-05-05 16:46:13 +01:00
Authoring application: mPDF 5.7
MD5: 39cb74c93c35a19326223999a961b936
SHA-1: 25247df5c3c4c668532eeb00a35f8b18ebe04fd3
SHA-256: 3e9720410288c0ae326ad324d1371df4fe247573af60c92e0ecf695a158552af
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF file was flagged by a machine learning classifier as malicious. Static analysis revealed a large number of embedded links, forming a link farm. These links point to external PDF files, suggesting a potential distribution or traffic-driving scheme. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9877

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://unieoooq.linkpc.ne