Malicious PDF — malware analysis report

Static analysis result for SHA-256 cb994e8792eb0ccd…

MALICIOUS

PDF

13.3 KB Created: 2020-03-18 22:35:41 +00:00 Authoring application: mPDF 5.7
MD5: 06f1d0bc4b8ae14fbb04bfe2215f9237 SHA-1: f1f8adf2933d934caafcd8fe12be8c723260039b SHA-256: cb994e8792eb0ccd0e0c7c6ab518e99f572959fc7495bc4b521553d5b1f6e5b5
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.001 PowerShell

The PDF contains a large number of embedded URLs pointing to external PDF files, a technique often used for SEO spam or to distribute malicious content. The ML classifier strongly indicated maliciousness. No scripts were extracted, but the sheer volume of links suggests a deceptive or malicious intent to redirect the user. The primary attack pattern is likely to trick users into visiting these links, potentially leading to further compromise.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9102

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://lwoscmobook.myhome.cx/552495245524752405244/Into-a-Million-Pieces-Pieces-Duology-1-by-Angela-V-Cook.pdf
    • http://lwoscmobook.myhome.cx/152465249524752445246/Pieces-of-Lies-Pieces-of-Lies-1-by-Angela-Richardson.pdf
    • http://lwoscmobook.myhome.cx/952415240524152405243/A-Million-Little-Pieces-by-James-Frey-l-Summary-amp-Study-Guide-by-BookRags.pdf
    • http://lwoscmobook.myhome.cx/452495240524952435242/Falling-to-Pieces-Pieces-1-by-Jamie-Canosa.pdf
    • http://lwoscmobook.myhome.cx/452445249524952455244/Pieces-of-Us-Pieces-2-by-Pamela-Ann.pdf
    • http://lwoscmobook.myhome.cx/45244524952425240/Broken-Pieces-Broken-Pieces-1-by-Riley-Hart.pdf
    • http://lwoscmobook.myhome.cx/552495245524752485246/Pieces-of-Him-by-Alice-Tribue.pdf
    • http://lwoscmobook.myhome.cx/8524552485242/Pieces-of-Her-by-Karin-Slaughter.pdf
    • http://lwoscmobook.myhome.cx/252425246524152475248/Gone-to-Pieces-by-Connor-Wright.pdf
    • http://lwoscmobook.myhome.cx/552495245524752405249/Pieces-of-You-by-Ella-Harper.pdf
    • http://lwoscmobook.myhome.cx/452455244524752465247/Pieces-of-Paper-by-Jeannie-Lin.pdf
    • http://lwoscmobook.myhome.cx/252415246524752465249/Missing-Pieces-by-Ivy-Smoak.pdf
    • http://lwoscmobook.myhome.cx/1524052465249524452465247/Mollie-and-Other-War-Pieces-by-A-J-Liebling.pdf
    • http://lwoscmobook.myhome.cx/55246524852475247/Pieces-of-Us-by-Margie-Gelbwasser.pdf
    • http://lwoscmobook.myhome.cx/552495245524752415240/Pieces-of-Summer-by-C-M-Owens.pdf
    • http://lwoscmobook.myhome.cx/952495244524152485243/All-Our-Broken-Pieces-by-L-D-Crichton.pdf
    • http://lwoscmobook.myhome.cx/252465246524752475246/Pieces-of-You-and-Me-by-Erin-Fletcher.pdf
    • http://lwoscmobook.myhome.cx/552475245524552405247/Pieces-de-Clavecin-by-Dufour.pdf
    • http://lwoscmobook.myhome.cx/452465241524752415243/Pieces-of-Georgia-by-Jen-Bryant.pdf
    • http://lwoscmobook.myhome.cx/152495244524952475248/Pieces-of-Sky-by-Trinity-Doyle.pdf
    • http://lwoscmobook.myhome.cx/2524152465247524

Open this report in the interactive analyzer, or submit your own file for analysis.