Malicious PDF — malware analysis report

Static analysis result for SHA-256 c105724c438587ac…

MALICIOUS

PDF

Size: 14.2 KB
Created: 2019-04-30 03:52:43 +01:00
Authoring application: mPDF 5.7
MD5: bf5c90001e2771ee707f0550e868cac6
SHA-1: 0188be40747b9109a5f5a8e74ae31902421f6062
SHA-256: c105724c438587acda473f77d1c995433ae508b4e5caab45938151a6a613c8b3
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded external links, a technique often used for SEO poisoning or to redirect users to malicious websites. The ML classifier strongly indicated maliciousness, and the PDF_SEO_LINK_FARM heuristic identified the mass-linking behavior. While the URLs themselves are currently marked as benign, the sheer volume and the heuristic firing suggest malicious intent to drive traffic to potentially compromised or malicious content.

Machine Learning

  • Nyx PDF Classifier: malicious, score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.