Malicious PDF — malware analysis report

Static analysis result for SHA-256 abd9b3da4b727bc6…

MALICIOUS

PDF

16.8 KB Created: 2020-03-15 00:49:35 +00:00 Authoring application: mPDF 5.7 First seen: 2021-04-01
MD5: 147f08e6aff1fc3d9cf8969de66a1020 SHA-1: f15128e65cfbc2aedf01e4b88172d642fe9e15d9 SHA-256: abd9b3da4b727bc6db1562e0396f6cb04e6c59ae7a01b5e6cde9559976a1401f
92 Risk Score

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://lwoscmobook.myhome.cx/252405246524252495248/Lady-Laugherty-s-Loves-by-Laurel-Bennett.pdf In PDF document text
    • http://lwoscmobook.myhome.cx/452415243524952415240/Strip-Me-Bare-Strip-You-2-by-Marissa-Carmel.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/352495240524352405249/Butterflies-And-Late-Loves-The-Further-Travels-And-Adventures-Of-A-Victorian-Lady-by-Margaret-Fountaine.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/452475245524252415243/When-a-Laird-Loves-a-Lady-Highlander-Vows-Entangled-Hearts-Book-1-by-Julie-Johnstone.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/252475240524852425245/Gluten-Free-Girl-How-I-Found-the-Food-That-Loves-Me-Back-And-How-You-Can-Too-by-Shauna-James-Ahern.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/152415242524852485241/She-Loves-You-She-Loves-You-Not-by-Julie-Anne-Peters.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/352415243524752435246/He-Loves-Me-He-Loves-You-Not-by-Lauren-Hammond.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/952495248524352485244/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/35242524652465242/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/752465242524752405242/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/352475240524352485240/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/1524052485241524852475244/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/752445240524052435243/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/1524052475245524352485248/Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/1524052425242524152495241/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/152485243524052435247/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/452405248524852415241/The-Portrait-Of-A-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/652455245524352435247/The-Portrait-of-a-Lady-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/952485245524452415248/The-Portrait-Of-A-Lady-Parts-1-amp-2-by-Henry-James.pdfIn PDF document text
    • http://lwoscmobook.myhome.cx/85246524052415245/Lady-Here-s-Your-Wreath-by-James-Hadley-Chase.pdfIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.