Malicious PDF — malware analysis report

Static analysis result for SHA-256 c998d10e82205d21…

MALICIOUS

PDF

File size: 125.7 KB
Created: 2022-07-05 07:03:41 +00:00
Authoring application: ciasale (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: cefa33911dca3b2fc913445f46387780
SHA-1: e2690bc13b1bbdd0ca39285a57daa5a11f351b66
SHA-256: c998d10e82205d21684b0b6ac2a4691afb26e91a9d6c63322b696c263126cbb8
Risk Score: 64

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF document contains a large number of external links, many of which point to what appear to be software installers or cracks. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass of external links, suggesting a link farm or a method to distribute malicious or unwanted software. The primary external URI found is also suspicious and likely leads to a malicious payload.

Machine Learning

  • Nyx PDF Classifier clean score 0.0144

Heuristics 3

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • External URI (info, PDF_URI)
    PDF contains an external URL action
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://thedirsite.com/clearingtheairscotland.airscrew/binders?dismally=QWRvYmUgUGhvdG9zaG9wIDIwMjIgKFZlcnNpb24gMjMuMC4yKQQWR.maserati&partum=ZG93bmxvYWR8WXAwT1RVeFlueDhNVFkxTmprNE1UVXdOSHg4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk