Malicious PDF — malware analysis report

Static analysis result for SHA-256 54186e7ab03682bd…

MALICIOUS

PDF

Size: 17.8 KB
Created: 2019-04-30 04:26:17 +01:00
Authoring application: mPDF 5.7
MD5: aff69a3644706d1e8bb4bb4cd2a2c3b7
SHA-1: 20a249a70865e603c3256d2741de0bc0a4687ae3
SHA-256: 54186e7ab03682bd3f3a06592842898c13e93f718ab7d7a207d0057dc18ae2ef
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also strongly indicated maliciousness. The embedded URLs, while appearing to link to book titles, form a link farm designed to direct users to external content, likely for SEO manipulation or to host malicious payloads. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.