Malicious PDF — malware analysis report

Static analysis result for SHA-256 4fd6e865444f5d94…

MALICIOUS

PDF

15.0 KB
Created: 2019-04-30 08:37:17 +01:00
Authoring application: mPDF 5.7
MD5: 05842bfbdce5c9326a35cc25fb876584
SHA-1: 5b8969225a1190105b9254f99e52a719d0b2d4be
SHA-256: 4fd6e865444f5d945b77f706912d6d8be0a2e32bb1fea5ea845c7aeb46a4847b
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links, flagged by the PDF_SEO_LINK_FARM heuristic. Although the URLs themselves are currently marked as benign, the sheer volume of links, together with the ML_NYX_PDF_MALICIOUS detection, suggests malicious intent, likely to redirect users to harmful content or phishing pages. No scripts were extracted, and the document body was unreadable.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.