Malicious PDF — malware analysis report

Static analysis result for SHA-256 c2225edb30add9a4…

MALICIOUS

PDF

Size: 16.8 KB
Created: 2020-03-18 21:08:24 +00:00
Authoring application: mPDF 5.7
MD5: fa42631f96a5c092e110a43d6b6b5a4e
SHA-1: 96e5bbf5615a6ffc40b7c458244c146b95f752fe
SHA-256: c2225edb30add9a4ccc0c4afe1b77eed8e45e8a1c9eb1dbee0ec420712f3f202
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs pointing to external websites, a technique often used for SEO spam or to redirect users to malicious content. The ML classifier strongly supports the malicious verdict. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier: malicious (score 0.9925)

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.