Malicious PDF — malware analysis report

Static analysis result for SHA-256 5e483dadf9d9e042…

MALICIOUS

PDF

  • Size: 12.7 KB
  • Created: 2020-03-14 00:55:44 +00:00
  • Authoring application: mPDF 5.7
  • MD5: 55b7b4a1d67f638dfac51c808c588168
  • SHA-1: 6d50354b3b38d015aa7a5334ed5944f1cace0177
  • SHA-256: 5e483dadf9d9e04276d46b91f84f064365bbcc79d69e407c2898f799e601bb93
  • Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, all hosted on the suspicious domain 'weisncio.myhome.cx'. This pattern is indicative of a link farm or a lure to download further malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.