Malicious PDF — malware analysis report

Static analysis result for SHA-256 7aef5bf0132457c1…

MALICIOUS

PDF

Size: 19.5 KB
Created: 2020-03-20 07:41:44 +00:00
Authoring application: mPDF 5.7
MD5: 777e95409410c256d64e66c670859106
SHA-1: bf3c3fdbc5885062b3175df57e987ac4852a95a4
SHA-256: 7aef5bf0132457c161d33b99d2f6fc75f849b027ffb546ff95a9943e066f0cbf
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded links pointing to external PDF files hosted on the domain 'laoieoa.myhome.cx'. This behavior is indicative of a link farm or a lure to download further malicious content. The ML classifier also flagged this PDF as malicious with high confidence. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9542

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.