Malicious PDF — malware analysis report

Static analysis result for SHA-256 9ffaf71cea032eee…

MALICIOUS

PDF

Size: 17.3 KB
Created: 2019-05-04 13:57:07 +01:00
Authoring application: mPDF 5.7
MD5: 58e87c8059bb0c39a8a6e4a3be743d29
SHA-1: 72b69bb9c8cf1183bf1c6f90f74bcc53d3535ddb
SHA-256: 9ffaf71cea032eee8af5361a8ef6f493a8afd2a7b91a8b40ca687d9ddc9f7133
Risk Score: 62

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is identified as a malicious PDF dropper by ClamAV. It contains embedded URLs that masquerade as book titles, likely intended to trick users into downloading further malicious content. The primary IOC is the first embedded URL, which is also flagged by PDF_URI heuristics.

Heuristics (3)

  • ClamAV: Pdf.Dropper.Agent-7085323-0 [critical] [CLAMAV_DETECTION]
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7085323-0
  • External URI [info] [PDF_URI]
    PDF contains an external URL action
  • Embedded URL [info] [EMBEDDED_URL]
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://zacdsa.linkpc.net/4c56c57c59c57c52/Murder-Most-Witchy-Wendy-Lightower-Mystery-1-by-Emily-Rylands.pdf