Malicious PDF — malware analysis report

Static analysis result for SHA-256 4e1f05adc6f4e556…

MALICIOUS

PDF

Size: 19.4 KB
Created: 2019-05-03 16:54:25 +01:00
Authoring application: mPDF 5.7
MD5: e1a5c63fe18030352b793961f57ca351
SHA-1: 96b9c60739f3a6d76b1476c565ecb1e57a6746e3
SHA-256: 4e1f05adc6f4e556f95a4aaa74c8a3f627ee400ae40a9a49c370bbf3839234a1
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF file was flagged as malicious by a machine learning classifier. Static analysis revealed a large number of embedded external links, which matched the 'PDF_SEO_LINK_FARM' heuristic. While the URLs themselves are currently marked as benign, their sheer volume and structure suggest a malicious intent to redirect users to potentially harmful content or to engage in SEO spam.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9920

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.