Malicious PDF — malware analysis report

Static analysis result for SHA-256 c80019acb5b87f13…

MALICIOUS

PDF

Size: 20.6 KB
Created: 2019-04-30 09:01:05 +01:00
Authoring application: mPDF 5.7
MD5: f63613d922e5be17c615e98762a519e9
SHA-1: 07402a211bc5e79f4a5f173e241d39ce82d39eca
SHA-256: c80019acb5b87f13ae3980a287fd09682828d201c47780b2090ae05ec667838b
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO poisoning or to redirect users to malicious content. The ML classifier strongly indicated maliciousness. While no scripts were extracted, the PDF structure itself suggests a lure to external resources.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9924

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.