Malicious PDF — malware analysis report

Static analysis result for SHA-256 aba9b29c50eb010e…

MALICIOUS

PDF

Size: 17.7 KB
Created: 2019-05-06 16:37:05 +01:00
Authoring application: mPDF 5.7
MD5: 648fa801ca223084e1edce523db47e4b
SHA-1: 0a56bfb1720c77e423ad110ea4b44664bf44c888
SHA-256: aba9b29c50eb010efa3ee5bcfb6c3455d133acb9c6007883b41751d00855a838
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of embedded URLs pointing to external PDF files, a technique often used for SEO spam or to distribute further malicious content. The ML classifier strongly indicated maliciousness. No scripts were extracted, but the structure suggests a lure to a link farm.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.