Malicious PDF — malware analysis report

Static analysis result for SHA-256 b2b526a591a664d1…

MALICIOUS

PDF

Size: 18.1 KB
Created: 2019-04-29 23:16:22 +01:00
Authoring application: mPDF 5.7
MD5: a6963a967c17d8c23d1cdbb757525594
SHA-1: 2281662262a7fd0fcb0f50e3732e930703cf60e5
SHA-256: b2b526a591a664d13b52c40563d580c7beb2ed9b7e9fcd784771362be7310738
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links to external PDF documents, all hosted on the domain 'muicuiu.dumb1.com'. This behavior is indicative of a link farm or a redirection mechanism designed to lead users to potentially malicious content. The ML classifier also flagged this PDF as malicious with a high score.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9719

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.