Malicious PDF — malware analysis report

Static analysis result for SHA-256 7e075bb47f1d1946…

MALICIOUS

PDF

Size: 18.1 KB
Created: 2019-05-07 03:31:33 +01:00
Authoring application: mPDF 5.7
MD5: d0db704c5512ff00028ac48c7abab070
SHA-1: e4a40e8ac7985d9a6e562930a9601fa2c317f99e
SHA-256: 7e075bb47f1d194634017b8fe6e87fe0b97287dc3018a59d403edf3e9615204e
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic, suggesting a link farm or redirection scheme. Although the URLs themselves are currently flagged as benign, their sheer volume and the ML classifier's high confidence indicate malicious intent. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.