Malicious PDF — malware analysis report

Static analysis result for SHA-256 c4a8353fdbb2fd59…

MALICIOUS

PDF

14.0 KB
Created: 2019-04-30 02:39:06 +01:00
Authoring application: mPDF 5.7
First seen: 2021-06-28
MD5: 9aa17a2b3ea3231be45c56a1704d43da
SHA-1: fa1b83d64678fb07b470081f6c3d7e9fa60ba455
SHA-256: c4a8353fdbb2fd593bb3b6a65ef94618bfc453d8c601337242f9ef725a0213bd
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

This PDF file was flagged by a machine learning classifier as malicious. It contains a large number of embedded external links, identified as a link farm, which is a common technique for distributing malware or conducting phishing attacks. The document body consists of these links, suggesting the primary purpose is to direct users to external resources.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9102

Heuristics 3

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.