Malicious PDF — malware analysis report

Static analysis result for SHA-256 722881e3beff110d…

MALICIOUS

PDF

Size: 13.5 KB
Created: 2020-03-18 22:27:50 +00:00
Authoring application: mPDF 5.7
MD5: 45e439aec0251e1bb73968e7d9983333
SHA-1: 2f90280cbd16e2d743a10de66e0a3b85958c0d12
SHA-256: 722881e3beff110df8695180b22bdf9426fac6aacc4a4632b636c3490796b54f
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. These URLs point to external resources, suggesting a tactic to drive traffic or distribute further content. The ML classifier also flagged this PDF as malicious, reinforcing the suspicious nature of the embedded links.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9102

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.