Malicious PDF — malware analysis report

Static analysis result for SHA-256 56b9e5f3dffcc78d…

MALICIOUS

PDF

Size: 17.2 KB
Created: 2019-04-30 06:01:24 +01:00
Authoring application: mPDF 5.7
MD5: a7186cdda465ab64e0d61dbc3769154d
SHA-1: a666ce59716ac587857c773720e6803f4a70cc74
SHA-256: 56b9e5f3dffcc78daa430682fe60ce3bbd1f667ebae1d7fe21b785a1529cc0cb
Risk Score: 70

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The file is identified as a PDF dropper by ClamAV. The document body contains multiple embedded URLs, one of which is flagged as an external URI. The presence of a visual download button lure suggests an attempt to trick the user into initiating a download. No scripts were extracted from this sample.

Heuristics 4

  • ClamAV: Pdf.Dropper.Agent-7104504-0 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7104504-0
  • Visual download / call-to-action button lure (severity: low, rule: SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.