Malicious PDF — malware analysis report

Static analysis result for SHA-256 d151e1e390190dcd…

MALICIOUS

PDF

Size: 16.5 KB
Created: 2020-03-18 16:33:19 +00:00
Authoring application: mPDF 5.7
MD5: a12e72629c6a2120f4aff80586713171
SHA-1: 6057bfc164acb3b3edc2dc0e7674eebbfbf92172
SHA-256: d151e1e390190dcd1b405d27200d8d1e5c07aa8e3474df71e0ec1357cab6ed04
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDFs hosted on the domain 'ieuicufioao.myhome.cx'. This is indicative of a link farm or SEO poisoning attack, designed to drive traffic to malicious or low-quality content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9811

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.