Malicious PDF — malware analysis report

Static analysis result for SHA-256 45403f445b8e9488…

MALICIOUS

PDF

Size: 13.0 KB
Created: 2019-05-02 19:39:58 +01:00
Authoring application: mPDF 5.7
MD5: a582f301dce28769ccdd6f5a7050edf4
SHA-1: 171e1e6120e3f370b37fddf41534cd0e4e084718
SHA-256: 45403f445b8e9488ab836061e25de71efb17bd7456ff1f57043c58768d4919fa
Risk Score: 100

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a link farm of 21 external PDF links, disguised as a download button. The ML classifier also flagged this PDF as malicious. The embedded URLs are likely part of a phishing or content-scraping scheme, aiming to redirect users to potentially malicious content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8891

Heuristics 3

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.