Malicious PDF — malware analysis report

Static analysis result for SHA-256 b5de34e067e013d2…

MALICIOUS

PDF

Size: 15.7 KB
Created: 2019-04-30 04:45:14 +01:00
Authoring application: mPDF 5.7
MD5: a75782e9b2b21c3936feee10045ebf6a
SHA-1: 6cb364de4e59b22df9d6708631bd232515079436
SHA-256: b5de34e067e013d261ec78f082fc790cec232edad77ac0fa3cfba28bc9c3d4cd
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. Although most of these URLs were classified as benign, their sheer volume, together with the ML_NYX_PDF_MALICIOUS detection, suggests malicious intent, likely SEO spam or distribution of further malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.