Malicious PDF — malware analysis report

Static analysis result for SHA-256 7cfcf81b672a24c7…

MALICIOUS

PDF

19.0 KB Created: 2019-04-30 06:46:19 +01:00 Authoring application: mPDF 5.7 First seen: 2021-05-04
MD5: 72f903a184da93671f172196289ee69b SHA-1: c8d7cb51f5a947c46a9ecc0efcb085dc68c11679 SHA-256: 7cfcf81b672a24c747c04147a482a9376b5a185e20e4710e8828365245d2c7c1
92 Risk Score

Machine Learning

  • Nyx PDF Classifier malicious score 0.9912

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://xiixmcuin.linkpc.net/6209207205205208/Walking-with-Dinosaurs-A-Natural-History-by-Tim-Haines.pdf In PDF document text
    • http://xiixmcuin.linkpc.net/6206206205205200/Documentarios-Walking-with-Beasts-Shockumentary-Le-Peuple-Migrateur-Theodorico-O-Imperador-Do-Sertao-Walking-with-Dinosaurs-by-Source-Wikipedia.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/5203206208206207/Walking-Among-the-Dinosaurs-With-3-D-Glasses-by-Nathalie-Valliere.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/1206202208209208/Collected-Works-of-Max-Haines-Volume-5-by-Max-Haines.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/7208205205/The-Rise-and-Fall-of-the-Dinosaurs-A-New-History-of-a-Lost-World-by-Stephen-Brusatte.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/8206200209204/The-Rise-and-Fall-of-the-Dinosaurs-A-New-History-of-a-Lost-World-by-Stephen-Brusatte.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/4201207207207204/Wanderlust-A-History-of-Walking-by-Rebecca-Solnit.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/6209200202207203/The-Natural-History-of-Unicorns-by-Chris-Lavers.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/4204207206203208/The-Natural-History-of-Canterbury-by-Michael-Winterbourn.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/5208205202205209/A-Natural-History-of-the-Romance-Novel-by-Pamela-Regis.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/1204204205202204/Sahara-A-Natural-History-by-Marq-de-Villiers.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/4204206203204202/The-Natural-History-of-Unicorns-by-Chris-Lavers.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/3202204208205201/The-Natural-History-of-Selborne-by-Gilbert-White.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/8202201207202200/The-History-of-Natural-Hygiene-by-Hereward-Carrington.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/7209204200206201/North-Atlantic-Biota-and-Their-History-A-Symposium-Held-at-the-University-of-Iceland-Reykjav-k-July-1962-Under-the-Auspices-of-the-University-of-Iceland-and-the-Museum-of-Natural-History-Editors-Askell-L-ve-and-Doris-L-ve-Sponsored-by-the-Nat-by-Reykjavik-Natturugripasafnid.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/5205207200208206/Vestiges-of-the-Natural-History-of-Creation-by-Robert-Chambers.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/7200206/Rain-A-Natural-and-Cultural-History-by-Cynthia-Barnett.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/6203206201200/Totara-a-Natural-and-Cultural-History-by-Philip-Simpson.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/4209204204204204/The-Natural-History-and-Antiquities-of-Selborne-by-Gilbert-White.pdfIn PDF document text
    • http://xiixmcuin.linkpc.net/5200207200200200/Coyote-America-A-Natural-and-Supernatural-History-by-Dan-Flores.pdfIn PDF document text