Malicious PDF — malware analysis report

Static analysis result for SHA-256 a790c672b2fb319f…

MALICIOUS

PDF

18.0 KB
Created: 2019-04-30 04:08:51 +01:00
Authoring application: mPDF 5.7
MD5: 3b37458f59d5aa53c0f49b48553c2b5d
SHA-1: 4d7e0538354c14f022431827ef3f9ccce3f11b06
SHA-256: a790c672b2fb319f4c1385171726d2e62140e17a4a9dcc2c9e217820df38b0e2
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file was flagged by a machine learning classifier and contains a large number of embedded links to external PDF files, indicating a link farm or redirection scheme. While no scripts were extracted, the presence of numerous URLs suggests a phishing or spam distribution attempt. The primary attack pattern involves leveraging these links to direct users to potentially malicious content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.