Malicious PDF — malware analysis report

Static analysis result for SHA-256 b56732b187e0ba81…

MALICIOUS

PDF

16.8 KB
Created: 2019-04-30 01:55:28 +01:00
Authoring application: mPDF 5.7
MD5: aa8eb22221de32e4bc3672f61993cd01
SHA-1: 613f0a48f92b7f74dcb28a462122d7ebb70f626b
SHA-256: b56732b187e0ba81239d7ad9184a746e2ba0787b92234b7836650230f589a2f8
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified as a link farm. The ML classifier also flagged this PDF as malicious. The primary attack pattern appears to be SEO poisoning or driving traffic to a large number of external sites, rather than direct payload delivery.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9787

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.