Malicious PDF — malware analysis report

Static analysis result for SHA-256 4469e3838ba34d3b…

MALICIOUS

PDF

File size: 14.8 KB
Created: 2019-04-30 04:08:26 +01:00
Authoring application: mPDF 5.7
MD5: 2e246c634ad333586bb5af68e5710d3c
SHA-1: f6cac1014d911d7193d5dbbd15ffeb15a669fdf4
SHA-256: 4469e3838ba34d3ba639b0279865cae00ef5833057c00090a9043aa65fe5f611
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious. The embedded URLs likely serve to redirect users to malicious content or phishing pages, a common tactic for SEO poisoning or traffic generation schemes.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.