Malicious PDF — malware analysis report

Static analysis result for SHA-256 4e16bad314c6b810…

MALICIOUS

PDF

Size: 17.3 KB
Created: 2019-05-02 17:43:19 +01:00
Authoring application: mPDF 5.7
MD5: ce74a200f7fa1e7d434ee658f8eaa12b
SHA-1: 374105d5bfc2a3d0580350ccea91003a88ef2271
SHA-256: 4e16bad314c6b810cf7888958a1e7020770cda7578a0b1c20fc8b7b5feb7d4e5

Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files, all hosted on the domain 'xiixmcuin.linkpc.net'. This pattern is indicative of SEO spam or a link farm designed to drive traffic or potentially distribute further malicious content. The ML classifier also strongly flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.