Malicious PDF — malware analysis report

Static analysis result for SHA-256 5075fd8e1c56e64b…

MALICIOUS

PDF

Size: 16.2 KB
Created: 2019-04-30 04:40:49 +01:00
Authoring application: mPDF 5.7
MD5: 32ddd800bccffd7824a104916225fc32
SHA-1: 77a3ef8b2291dca35974a8eca47bec2157dc8912
SHA-256: 5075fd8e1c56e64b27d5d04082de6763154d8b057ebeb2fed789b106cb307f78
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded links to external PDF documents, a technique often used for SEO manipulation or to distribute malicious content. The ML classifier strongly indicated maliciousness, and the PDF_SEO_LINK_FARM heuristic identified this link farm. While the specific URLs themselves are currently marked as benign, the sheer volume and structure suggest a malicious intent to redirect users to potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9898

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.