Malicious PDF — malware analysis report

Static analysis result for SHA-256 912be91be5eef6ec…

MALICIOUS

PDF

12.4 KB Created: 2019-05-07 04:04:52 +01:00 Authoring application: mPDF 5.7
MD5: 59ba37900229fd71c9f6f28c1d73667c SHA-1: bb27c32f67ef8484a3de18dc070997d9335d5234 SHA-256: 912be91be5eef6ec94fa3ce1524d717db435f672c942ce547b1ae85ca5f577fe
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a link farm with 32 external links, as detected by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious. The primary attack pattern involves directing users to a large number of external PDF files, likely for SEO manipulation or to host malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://muicuiu.dumb1.com/3a01a04a03a04a01/The-Choice-The-Choice-1-by-Heather-Gillette.pdf
    • http://muicuiu.dumb1.com/7a09a04a08a08a01/Choice-of-Broadsides-by-Heather-Albano.pdf
    • http://muicuiu.dumb1.com/7a09a04a09a04a08/Choice-of-Intrigues-by-Heather-Albano.pdf
    • http://muicuiu.dumb1.com/1a02a07a09a01a01/Channeler-s-Choice-Channeler-2-by-Heather-McCorkle.pdf
    • http://muicuiu.dumb1.com/1a00a07a08a07a06/The-Choice-by-T-O-Bolseen.pdf
    • http://muicuiu.dumb1.com/2a08a00a04a02a07/The-Choice-by-The-Arbinger-Institute.pdf
    • http://muicuiu.dumb1.com/7a04a08a04a03a05/Editor-s-Choice-by-Assouline.pdf
    • http://muicuiu.dumb1.com/3a03a06a05a00a02/The-Choice-by-Jake-Cross.pdf
    • http://muicuiu.dumb1.com/3a07a03a04a07a00/The-Choice-by-Robert-Whitlow.pdf
    • http://muicuiu.dumb1.com/3a02a08a07a09/The-Choice-by-Nicholas-Sparks.pdf
    • http://muicuiu.dumb1.com/3a03a04a07a05a05/The-Choice-by-Susan-Lewis.pdf
    • http://muicuiu.dumb1.com/4a06a03a01a09a03/The-Choice-by-Robert-Whitlow.pdf
    • http://muicuiu.dumb1.com/3a05a04a06a06a08/The-Choice-by-Tanya-R-Simon.pdf
    • http://muicuiu.dumb1.com/2a09a02a09a09a01/The-Choice-by-Nicholas-Sparks.pdf
    • http://muicuiu.dumb1.com/9a06a07a06a06/Messed-Up-By-Choice-by-Nikita.pdf
    • http://muicuiu.dumb1.com/5a09a01a09a01a05/A-Choice-of-Uppercuts-by-Oliver-Scharpf.pdf
    • http://muicuiu.dumb1.com/2a08a09a03a08a03/Colt-s-Choice-by-Patrice-Michelle.pdf
    • http://muicuiu.dumb1.com/1a04a05a04a07a08/The-Only-Choice-Choices-Trilogy-3-by-Dee-Palmer.pdf
    • http://muicuiu.dumb1.com/3a05a00a05a02a04/No-Choice-But-Surrender-by-Meagan-McKinney.pdf
    • http://muicuiu.dumb1.com/4a08a00a02a04a04/Hayden-s-Choice-by-Victoria-Kelley.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.