Malicious PDF — malware analysis report

Static analysis result for SHA-256 a5c10d8171587bcf…

MALICIOUS

PDF

Size: 33.2 KB
Created: 2020-03-20 11:20:53 +00:00
Authoring application: mPDF 5.7
MD5: 9e2a47ca4cc6645432264865eff647bb
SHA-1: f227da36fea9ced4f1431fde665f30a5c6987429
SHA-256: a5c10d8171587bcf2a10d2ef20bae3cb5ab454c2e9335a63f053b02856e1d4fe
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file was flagged by a machine learning classifier as malicious and contains a large number of embedded links to external PDF files, indicating a link farm or redirection to malicious content. The primary heuristic identified a "PDF_SEO_LINK_FARM" with 32 external links, suggesting a tactic to distribute malicious payloads or phish users. The embedded URLs are the highest priority IOCs.

Machine Learning

  • Nyx PDF Classifier: malicious, score 0.9688

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.