Malicious PDF — malware analysis report

Static analysis result for SHA-256 6fe171ea249e9d01…

MALICIOUS

PDF

Size: 37.6 KB
Created: 2019-04-30 04:59:10 +01:00
Authoring application: mPDF 5.7
MD5: 1b4c65f4d8195d5b6bd90f58392489ce
SHA-1: 7fb092f4dfd9081db5128cc14350416fce5d1262
SHA-256: 6fe171ea249e9d016335c80f88038f4f347a6505fd686721d023cb902b07006e
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, identified by the PDF_SEO_LINK_FARM heuristic. While the document body is heavily obfuscated, the presence of these links suggests an attempt to direct users to a large collection of content, potentially for SEO manipulation or to host further malicious payloads. The ML_NYX_PDF_MALICIOUS heuristic also flags the document as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9894

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.