Malicious PDF — malware analysis report

Static analysis result for SHA-256 76db650a6293f025…

MALICIOUS

PDF

Size: 15.9 KB
Created: 2019-04-30 03:59:57 +01:00
Authoring application: mPDF 5.7
MD5: e312e279084d8fe16f246534ccc1d3fb
SHA-1: 505f42f49715280acdc4d9d89b6115ed26b0243f
SHA-256: 76db650a6293f025e3bd2439334f3191c4aab867e2c1244aa933f8d2fe4f01ac
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded URLs pointing to a single domain, identified as a link farm. While the document body is heavily obfuscated, the presence of numerous links suggests a social engineering tactic to direct users to potentially malicious content. The ML classifier strongly supports the malicious verdict.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9892

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.