Malicious PDF — malware analysis report

Static analysis result for SHA-256 79c28d222c57307c…

MALICIOUS

PDF

18.7 KB Created: 2019-04-30 18:50:58 +01:00 Authoring application: mPDF 5.7 First seen: 2021-10-11
MD5: bf0a214074cdd292212f79dd531b438b SHA-1: 86fb9381bc59f9327e9cc01d416cb6905413ec46 SHA-256: 79c28d222c57307ccb5dbb0b2756382fd1f19f24f7d0bd974cb67ad6f6116187
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1105 Ingress Tool Transfer

The PDF contains a large number of embedded URLs pointing to external PDF files, a technique often used for SEO poisoning or to distribute malware. The ML classifier also flagged this PDF as malicious. The embedded URLs are hosted on a dynamic DNS domain, suggesting a transient infrastructure for distributing potentially malicious content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9912

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://xiixmcuin.linkpc.net/4204202201205209/Rising-Stars-Compendium-Rising-Stars-0-5-by-J-Michael-Straczynski.pdf In PDF document text
    • http://xiixmcuin.linkpc.net/7201200200205/Rising-Stars-Vol-1-Born-in-Fire-by-J-Michael-Straczynski.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/2202205209205201/Rising-Sun-Half-Moon-Rock-Stars-D-Strings-Set-Silver-Strings-D-1-3-by-Lisa-Gillis.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/6206201201201200/Stars-of-the-Stars-Stars-of-the-Stars-1-by-P-n-lope-Bagieu.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/6204203206205201/In-the-Small-Small-Pond-and-Other-Stories-That-Rhyme-In-the-Small-Small-Pond-Stars-Stars-Stars-Wild-about-Books-Come-On-Rain-Zin-Zin-Zin-a-Violin-by-Denise-Fleming.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3206202206200204/Tempest-Rising-Rising-Storm-1-by-Julie-Kenner.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/2208205207204207/Tempest-Rising-Rising-Storm-1-by-Julie-Kenner.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3207203203209203/The-Magic-School-Bus-Sees-Stars-A-Book-About-Stars-by-Joanna-Cole.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/6200200200200209/The-Stars-Learn-the-Bright-Stars-and-Important-Constellations-by-Tom-Vandamme.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3205203208204/Fire-of-Stars-and-Dragons-Stars-and-Souls-1-by-Melissa-Petreshock.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/1200205203200203200/Living-with-the-Stars-How-the-Human-Body-is-Connected-to-the-Life-Cycles-of-the-Earth-the-Planets-and-the-Stars-by-Karel-Schrijver.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/5202201207202209/The-Fleet-of-Stars-Harvest-of-Stars-4-by-Poul-Anderson.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/1209205207202203/The-Stars-are-Also-Fire-Harvest-of-Stars-2-by-Poul-Anderson.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3207205204208202/Hidden-in-the-Stars-Falling-Stars-2-by-Sadie-Grubor.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3206203205200/The-Rising-Darkness-Rising-3-by-Kelley-Armstrong.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/6206202207205204/Red-Rising-Red-Rising-Trilogy-1-by-Pierce-Brown.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/2206206208200207/Stars-Over-Stars-Heyoka-Blackeagle-2-by-K-D-Wentworth.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/1206203200203208/The-Stars-Down-Under-The-Outback-Stars-2-by-Sandra-McDonald.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3205209205208207/The-Stars-of-Summer-All-Four-Stars-2-by-Tara-Dairman.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/7207202209208205/Everyone-Comes-to-Elaine-s-Forty-Years-of-Movie-Stars-All-Stars-Literary-Lions-Financial-Scions-Top-Cops-Politicians-and-Power-Brokers-at-the-Legendary-Hot-Spot-by-A-E-Hotchner.pdfIn PDF document text