Malicious PDF — malware analysis report

Static analysis result for SHA-256 4c2b61b239aa0fcc…

MALICIOUS

PDF

Size: 18.3 KB
Created: 2019-05-03 16:36:34 +01:00
Authoring application: mPDF 5.7
First seen: 2021-04-25
MD5: 73b9e485ae6414d67539492d7d642632
SHA-1: c45082ed38cc8e3552a3467cc0e921a124dc10d7
SHA-256: 4c2b61b239aa0fccd0aac1fdaa63e29e7175060a80ac94ad6795652614117a87
Risk Score: 92

Machine Learning

  • Nyx PDF Classifier malicious score 0.9912

Heuristics 2

  • [critical] Small PDF contains mass external PDF link farm (PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • [info] Embedded URL (EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.