Malicious PDF — malware analysis report

Static analysis result for SHA-256 9929919e73e0ff73…

MALICIOUS

PDF

File size: 17.9 KB
Created: 2019-04-30 05:31:55 +01:00
Authoring application: mPDF 5.7
MD5: a2aa5e66f4f90ee2cbae4327584432d9
SHA-1: 660b3257a9baf4dcf3dae92b8af894562085a5a9
SHA-256: 9929919e73e0ff731da9c5e855709d910aa1bf2f54fdabe3ca76e37d0f21d1af
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO poisoning or to distribute malicious content. The ML classifier strongly indicated maliciousness. While no scripts were extracted, the sheer volume of links suggests a malicious intent to redirect users to potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.