Malicious PDF — malware analysis report

Static analysis result for SHA-256 4aef2549b0686d66…

MALICIOUS

PDF

Size: 13.9 KB
Created: 2019-05-07 05:37:52 +01:00
Authoring application: mPDF 5.7
MD5: 762145f9bb086564730c15966f95ec71
SHA-1: d20ed3e2913e2424b0a2c0469ddb63a6abd1ddb0
SHA-256: 4aef2549b0686d66916e362fc89213bafa7002c375003cf51b4100f732a992ab
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files hosted on the domain 'muicuiu.dumb1.com'. This behavior is indicative of a link farm or a phishing lure designed to direct users to potentially malicious content. The ML classifier also flagged this PDF as malicious, which supports the assessment of malicious intent.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9200

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.