Malicious PDF — malware analysis report

Static analysis result for SHA-256 a2f72a9cedbe87fb…

MALICIOUS

PDF

Size: 13.6 KB
Created: 2019-04-30 03:47:45 +01:00
Authoring application: mPDF 5.7
MD5: d4240998d309db50874e3c5747a059d9
SHA-1: 8d64bbc6af8043d3fc1f7202e432f9d24d656b5d
SHA-256: a2f72a9cedbe87fba1b900d9ff9286229e94e2062b361da759c30956562f70ca
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links, flagged by the 'PDF_SEO_LINK_FARM' heuristic. While the document body is heavily obfuscated, the presence of numerous links suggests a tactic to manipulate search engine results or direct users to potentially malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.9102

Heuristics (3)

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.