Malicious PDF — malware analysis report

Static analysis result for SHA-256 7bb48a278fd57c63…

MALICIOUS

PDF

File size: 18.6 KB
Created: 2020-03-20 12:17:23 +00:00
Authoring application: mPDF 5.7
MD5: d6934b85ab13139ca27efb30aa054707
SHA-1: c36a491ba5b03d9d530cbee04a55ba1f03d04daa
SHA-256: 7bb48a278fd57c630d57025fe52586685d434bb34226151e67e57a66d4b528fe
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'ieuicufioao.myhome.cx'. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9920

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.