Malicious PDF — malware analysis report

Static analysis result for SHA-256 4232b5c6dec5487b…

MALICIOUS

PDF

  • Size: 123.3 KB
  • Created: 2022-07-05 02:48:32 +00:00
  • Authoring application: lynpri (via PDF Master 1.0.1)
  • First seen: 2022-07-15
  • MD5: 457d4c7e980ea04c104e810e827eae60
  • SHA-1: b6ea2f3c25dfe9edf63183147be2a73e27cb1d29
  • SHA-256: 4232b5c6dec5487b6444d6f5681b7ba2e2ae418e8ae8c7f735fe2b2918b48bc2
  • Risk Score: 64

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF contains a large number of external links, many of which are SEO-optimized and point to sites offering software downloads. One heuristic specifically identified a 'PDF_SEO_LINK_FARM', indicating a tactic to generate traffic and potentially distribute malware. The primary IOC is a URL that appears to be a download link for Adobe Photoshop.

Machine Learning

  • Nyx PDF Classifier clean score 0.0071

Heuristics 3

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://esecuritys.com/QWRvYmUgUGhvdG9zaG9wIENDIDIwMTUgdmVyc2lvbiAxNgQWR/bedridden.../ZG93bmxvYWR8bEc2TTJodWFYeDhNVFkxTmprNE1UVXdOSHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA.......beet?nized=counsel