Malicious PDF — malware analysis report

Static analysis result for SHA-256 a17d6576f879bf39…

MALICIOUS

PDF

15.4 KB
Created: 2019-04-30 04:04:38 +01:00
Authoring application: mPDF 5.7
MD5: de16588c507c5013e08fc981d8d31a36
SHA-1: 66baae08b2d45f51f1d7837ce148d105193f7728
SHA-256: a17d6576f879bf395eb0d17d56a9b757ed1d88b2f6d80f83e75aa62bb6052ebf
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files hosted on the domain 'muicuiu.dumb1.com'. This is indicative of a link farm or SEO poisoning attack, designed to drive traffic to potentially malicious or unwanted content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.