Malicious PDF — malware analysis report

Static analysis result for SHA-256 c2d7d49a7d018e87…

MALICIOUS

PDF

Size: 16.7 KB
Created: 2020-03-18 21:22:57 +00:00
Authoring application: mPDF 5.7
MD5: 792dc2b573c0e3cc17121b439d4a1474
SHA-1: 2ada926bf3e69f6aa2cd2eed86e783162f2c4de5
SHA-256: c2d7d49a7d018e8748bdeddcc879cfedf275125cb83df7a0ae1089bcaf4dc8d1
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a large number of embedded URLs pointing to a single suspicious domain, indicating a link farm designed to drive traffic. The heuristic 'PDF_SEO_LINK_FARM' confirms this behavior. No scripts were extracted, and the document body is heavily obfuscated, preventing a deeper analysis of the immediate intent beyond the link redirection. The primary IOCs are the numerous URLs hosted on the 'myhome.cx' domain.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.