Malicious PDF — malware analysis report

Static analysis result for SHA-256 ba9082a79703d6a3…

MALICIOUS

PDF

Size: 30.9 KB
Created: 2019-05-02 05:42:55 +01:00
Authoring application: mPDF 5.7
MD5: 9a8d6d3db83ddff6327decd035d9946f
SHA-1: 6cc2d6ca2f53852d327df618bbb99e0f569173e2
SHA-256: ba9082a79703d6a3c08e71b54424cd1e5cb5ab26e9ede7de101b874ca63384de
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links pointing to external PDF documents hosted on the domain 'kiteeearpdf.myhome.cx'. This behavior is indicative of a link farm or a lure to a large collection of potentially malicious content. The ML classifier also strongly flagged this PDF as malicious. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9897

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.