Malicious PDF — malware analysis report

Static analysis result for SHA-256 caa96bd3bc57a519…

MALICIOUS

PDF

14.2 KB
Created: 2019-05-03 09:18:33 +01:00
Authoring application: mPDF 5.7
MD5: ee66da3b05ada70cc828b81c4854ea8e
SHA-1: ce341b7ea94d2c14290f9f9b62d8d5fd8bc8db43
SHA-256: caa96bd3bc57a519d5a769e750089438231c76b91b32a632dcac81516e5ffba3
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, forming a link farm that directs users to external PDF files. This behavior is indicative of a lure to a malicious site or a content distribution network for further malware. The ML classifier strongly supports the malicious verdict.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9891

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.