Malicious PDF — malware analysis report

Static analysis result for SHA-256 9ee3369af0f7025d…

MALICIOUS

PDF

Size: 18.2 KB
Created: 2020-03-18 22:33:57 +00:00
Authoring application: mPDF 5.7
MD5: b23f68d827173e8486d6e1e708e573dc
SHA-1: 3ee9c31dc165b525bf505296254f06cea67ae8b9
SHA-256: 9ee3369af0f7025d19a5c02bd19ef968254c9f3bffc8102910ad3ef65b24d050
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a large number of embedded links to external PDF documents, hosted on the domain easckaolp.myhome.cx. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this PDF as malicious with high confidence. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9754

Heuristics 2

  • [critical] PDF_SEO_LINK_FARM: Small PDF contains mass external PDF link farm
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • [info] EMBEDDED_URL: Embedded URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.