Malicious PDF — malware analysis report

Static analysis result for SHA-256 5a87fdb26129d09f…

MALICIOUS

PDF

Size: 15.0 KB
Created: 2019-05-07 04:49:18 +01:00
Authoring application: mPDF 5.7
MD5: e48c3bf75e4369de68c96e8e8a942a97
SHA-1: 55650a5e365f34fd5c48912d379daaf706e0028a
SHA-256: 5a87fdb26129d09f0572f73582749888fd4f1d1dd84abf77f589ee2c664aebbe
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, identified by the PDF_SEO_LINK_FARM heuristic. While the document body is unreadable, the structure and the numerous links suggest a link farm or SEO manipulation tactic. The ML_NYX_PDF_MALICIOUS heuristic further supports the malicious classification. The SE_DOWNLOAD_BUTTON heuristic indicates a potential lure, though it is low-signal on its own.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 3

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (severity: low, ID: SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.