Malicious PDF — malware analysis report

Static analysis result for SHA-256 56e3d23f2e19053e…

MALICIOUS

PDF

16.1 KB Created: 2019-04-29 23:24:15 +01:00 Authoring application: mPDF 5.7
MD5: 5868ac903c4c5cba1157969adf81871f SHA-1: e8f5d7618dbaa518a08a0e66d5af42b8aad6458d SHA-256: 56e3d23f2e19053e7eab5cf365007246f673b85da4335ac0061ffd1c3585734e
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links to external PDF documents hosted on the domain 'muicuiu.dumb1.com'. This behavior is indicative of a link farm or a redirection scheme designed to lead users to potentially malicious content. The ML classifier also flagged this PDF as malicious with a high probability.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9898

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://muicuiu.dumb1.com/6a08a04a04a08a09/Robot-Volume-3-by-Range-Murata.pdf
    • http://muicuiu.dumb1.com/6a08a04a04a08a00/Robot-Volume-1-by-Range-Murata.pdf
    • http://muicuiu.dumb1.com/6a08a04a06a00a06/Robot-Volume-6-by-Range-Murata.pdf
    • http://muicuiu.dumb1.com/4a04a03a00a08a02/Magnus-Robot-Fighter-Archives-Volume-1-by-Russ-Manning.pdf
    • http://muicuiu.dumb1.com/3a03a03a02a09a04/An-Isolated-Range-Range-5-by-Andrew-Grey.pdf
    • http://muicuiu.dumb1.com/4a02a02a04a02a02/A-Foreign-Range-Range-4-by-Andrew-Grey.pdf
    • http://muicuiu.dumb1.com/4a05a07a00a02a01/An-Isolated-Range-Range-5-by-Andrew-Grey.pdf
    • http://muicuiu.dumb1.com/3a03a03a02a09a09/A-Foreign-Range-Range-4-by-Andrew-Grey.pdf
    • http://muicuiu.dumb1.com/6a09a02a00a00/A-Shared-Range-Range-1-by-Andrew-Grey.pdf
    • http://muicuiu.dumb1.com/3a03a03a02a09a07/A-Volatile-Range-Range-6-by-Andrew-Grey.pdf
    • http://muicuiu.dumb1.com/1a06a04a02a02a02/The-Soul-of-the-Robot-Robot-1-by-Barrington-J-Bayley.pdf
    • http://muicuiu.dumb1.com/2a07a04a03a02/Robot-Dreams-Robot-0-4-by-Isaac-Asimov.pdf
    • http://muicuiu.dumb1.com/3a07a03a08a05a08/Murder-on-the-Robot-City-Express-Robot-City-Adventures-4-by-Paul-Collicutt.pdf
    • http://muicuiu.dumb1.com/5a06a08a06a03a04/Robot-Intelligence-Technology-and-Applications-4-Results-from-the-4th-International-Conference-on-Robot-Intelligence-Technology-and-Applications-by-Jong-Hwan-Kim.pdf
    • http://muicuiu.dumb1.com/9a04a04a00a05a06/The-Whimsical-Robot-Shinichi-Hoshi-Short-Short-Collection-Volume-2-by-Shinichi-Hoshi.pdf
    • http://muicuiu.dumb1.com/6a08a04a06a02a03/-12-by-Shinya-Murata.pdf
    • http://muicuiu.dumb1.com/6a08a04a06a02a00/--In-The-Chocolate-by-Mayu-Murata.pdf
    • http://muicuiu.dumb1.com/6a08a04a05a09a08/-3---JOKER-by-Shinya-Murata.pdf
    • http://muicuiu.dumb1.com/6a08a04a06a03a01/The-Master-s-Mistress-by-Junko-Murata.pdf
    • http://muicuiu.dumb1.com/6a08a04a05a09a07/The-Rake-s-Secret-Son-by-Junko-Murata.pdf
    • http://muicuiu.dumb1.com/5a06a08a06a03a04/Robot-Intelligence-Technology-and-Applications-4-Results-from-the-4th-International-Conference-on-Robot

Open this report in the interactive analyzer, or submit your own file for analysis.