Malicious PDF — malware analysis report

Static analysis result for SHA-256 7aba1ea2600db61c…

MALICIOUS

PDF

File size: 17.1 KB
Created: 2019-04-30 04:06:21 +01:00
Authoring application: mPDF 5.7
MD5: fddef1cc690f7487530f234128defca5
SHA-1: 0a88e172f8e4e851b4f2506f258cbf8c6200524c
SHA-256: 7aba1ea2600db61cd06c0536675721ecfd1f0d2eb2afe4b8d5190232b5e16a90
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. While the specific URLs extracted are currently marked as benign, their sheer volume and structure suggest malicious intent, possibly SEO manipulation or redirecting users to malicious sites. The ML classifier also flagged this PDF with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.