Malicious PDF — malware analysis report

Static analysis result for SHA-256 b6ee5abdbe9d3744…

MALICIOUS

PDF

13.3 KB Created: 2020-03-13 20:19:19 +00:00 Authoring application: mPDF 5.7 First seen: 2021-06-13
MD5: dce18ec9fe5840c383a12e990e8a930a SHA-1: d83f934dfc9cfc252d845e92bdbe5deafc32df99 SHA-256: b6ee5abdbe9d3744b4de5b6a59232a6361b1ca21743b8077f8d10e4d7755cf10
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF document contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, which suggests a link farm or phishing attempt. The ML_NYX_PDF_MALICIOUS heuristic further supports the malicious nature of the file. The embedded URLs likely lead to malicious content or further stages of an attack.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9102

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://kitasdyu.myhome.cx/1877873871870875/Sharing-You-Sharing-You-1-by-Molly-McAdams.pdf In PDF document text
    • http://kitasdyu.myhome.cx/1872874877879873/Two-Gentlemen-Sharing-by-William-Corlett.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/2870876870875875/The-Sharing-Game-by-Riley-Taboo.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/5878878873873879/Sharing-the-Man-of-the-House-by-Ellana-J-Flood.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/3874876877871871/The-Sharing-Moon-by-Christy-A-Campbell.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/2875873870872870/Sharing-Shawny-by-Reese-Gabriel.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/2872875871877876/The-Sharing-Spoon-by-Kathleen-Eagle.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/4878870874870877/Sharing-a-Shell-by-Julia-Donaldson.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/4875872875873873/Stealing-Ryder-Sharing-Harper-2-by-V-Murphy.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/2878874877878873/I-am-Sharing-Toddler-Books-by-Mercer-Mayer.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/5879871874875879/Knowledge-Sharing-in-Practice-by-Marleen-Huysman.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/7874875877876878/Sharing-Jesus-with-Muslims-in-America-by-Abu-Daoud.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/5870879873874872/Sharing-the-Success-The-Story-of-NFC-by-Peter-Thompson.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/3879871876877/Passage-The-Sharing-Knife-3-by-Lois-McMaster-Bujold.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/3873873870871872/The-Sharing-Knife-Volume-Two-by-Lois-McMaster-Bujold.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/5873878871871879/Little-Big-Minds-Sharing-Philosophy-with-Kids-by-Marietta-McCarty.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/8873879878879876/Origins-of-Possession-Owning-and-Sharing-in-Development-by-Philippe-Rochat.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/1875872871875871/Sharing-the-Female-From-Earth-Lost-in-Space-1-by-Marla-Monroe.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/1870874872872871/Ogbo-Sharing-Life-in-an-African-Village-by-Ifeoma-Onyefulu.pdfIn PDF document text
    • http://kitasdyu.myhome.cx/9873872873872874/Lock-Rebel-2-by-Molly-McAdams.pdfIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.