Malicious PDF — malware analysis report

Static analysis result for SHA-256 68778bf36483c7e5…

MALICIOUS

PDF

  • Size: 15.7 KB
  • Created: 2020-03-14 00:24:26 +00:00
  • Authoring application: mPDF 5.7
  • MD5: 6dd9d77d2bffa016a28ad8c88e4cc85a
  • SHA-1: e3422f72b27dd4fc16f9efe5ac4841e893eda88b
  • SHA-256: 68778bf36483c7e5e7c25ccf6f140363fe76c5f079b6eebd447303939a4638d7
  • Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files, hosted on the domain 'calistazz.myhome.cx'. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.