Malicious PDF — malware analysis report

Static analysis result for SHA-256 b6921380382cce2e…

MALICIOUS

PDF

Size: 18.7 KB
Created: 2019-04-30 03:15:48 +01:00
Authoring application: mPDF 5.7
MD5: c94adefa038af7a12de48288bf995708
SHA-1: f2e11eca1c9f48f25c482582b388e73c0a0d484b
SHA-256: b6921380382cce2edf08a06a708e2007e9883198e2d10afc4479146ff646ab0b
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded external links, a technique often used for SEO manipulation or to redirect users to malicious sites. The ML classifier strongly indicated maliciousness. While the document body is heavily obfuscated, the heuristic 'PDF_SEO_LINK_FARM' directly points to the presence of numerous links, suggesting a deceptive or malicious intent behind the document's structure. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9920

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.