Malicious PDF — malware analysis report

Static analysis result for SHA-256 b5d324c4305682f9…

MALICIOUS

PDF

Size: 15.1 KB
Created: 2019-04-29 23:01:21 +01:00
Authoring application: mPDF 5.7
MD5: 9a648745ea01bb2a92df663a0f5989ee
SHA-1: 69fc6eea07b46c5b7bfd92352a6c26d7794a5db7
SHA-256: b5d324c4305682f99d910de9fd3e34f522790d1f7b80d6c90068e21f213d707c
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF triggers a critical link-farm heuristic and contains numerous embedded URLs. While most extracted URLs are marked as confirmed benign, the sheer volume and the nature of the heuristic suggest malicious intent, possibly SEO abuse or use as a lure. The ML classifier also flagged this PDF with high confidence. No scripts were extracted from this sample, and the document body was heavily obfuscated, which prevented deeper analysis of its specific content or purpose beyond the link farm.

Machine Learning

  • Nyx PDF Classifier: malicious, score 0.9778

Heuristics (2)

  • Small PDF contains mass external PDF link farm [critical] (PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] (EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.