Malicious PDF — malware analysis report

Static analysis result for SHA-256 b732310946071359…

MALICIOUS

PDF

Size: 17.1 KB
Created: 2019-05-07 03:34:59 +01:00
Authoring application: mPDF 5.7
MD5: 0c35f7e4e113243867fd2e350f01ff4c
SHA-1: 6fbc7b0f35f8645a8cc3dd43d347e1689fd4cacd
SHA-256: b732310946071359cee4c0117fe8f9c7fe59b0307cdeeec9839fa2dad49f9d0c
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a large number of embedded URLs, forming a link farm. The heuristic 'PDF_SEO_LINK_FARM' indicates this is a technique to distribute content or potentially lead users to malicious sites. While the specific URLs extracted were classified as benign, the sheer volume and structure suggest a malicious intent to drive traffic. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9806

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; heuristic: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; heuristic: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.