Malicious PDF — malware analysis report

Static analysis result for SHA-256 43e4178ed78e06d8…

MALICIOUS

PDF

Size: 16.4 KB
Created: 2019-05-06 16:55:48 +01:00
Authoring application: mPDF 5.7
MD5: 987fd35ab3f6b5b34605e7c4765f119e
SHA-1: 626d785a72d8f821a2ff3ce580d6a71a7e154ef5
SHA-256: 43e4178ed78e06d8a60a41bb52a40bda1d319f4f83e040e5e32aab58241b7d35
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious with high confidence. While the URLs themselves are currently marked as benign, the sheer volume and structure suggest a link farm or redirection to potentially malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9811

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.