Malicious PDF — malware analysis report

Static analysis result for SHA-256 7735344141f78d2e…

MALICIOUS

PDF

Size: 13.3 KB
Created: 2019-05-07 04:08:28 +01:00
Authoring application: mPDF 5.7
MD5: 71919f0e1669e85c4a3dafdf6c2036c5
SHA-1: 2fad703e0f5864452985c1d0269d04dcd8cbd51e
SHA-256: 7735344141f78d2e14072cc98738c10b8fb1a76d632c3e9d0f9ae62ad30a40fe
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links, many of which point to external PDFs, a technique often used for SEO manipulation or to host malicious content. The ML classifier also flagged this PDF as malicious. The presence of a 'download button' heuristic further supports the idea that the document is designed to trick the user into downloading a payload.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9102

Heuristics (3)

  • Small PDF contains mass external PDF link farm [critical] [PDF_SEO_LINK_FARM]
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure [low] [SE_DOWNLOAD_BUTTON]
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL [info] [EMBEDDED_URL]
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.