Malicious PDF — malware analysis report

Static analysis result for SHA-256 83b9b34315ea2b63…

MALICIOUS

PDF

Size: 15.9 KB
Created: 2019-05-03 05:10:48 +01:00
Authoring application: mPDF 5.7
MD5: d675082f895824a9bd5748da20a67762
SHA-1: 6a74b5a38a3eef0ead144d1b1795880a73edcbf4
SHA-256: 83b9b34315ea2b6384f23095d850406910dde175f95e834ce7c3f6bd938a08bf
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified as a link farm, that point to external PDF files. These URLs are designed to appear as legitimate book downloads, likely as a lure to trick users into visiting malicious sites. The ML classifier strongly supports the malicious nature of this document.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9892

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.