Malicious PDF — malware analysis report

Static analysis result for SHA-256 dd38fc6b972d95f6…

MALICIOUS

PDF

File size: 131.9 KB
Created: 2022-07-05 02:59:08 +00:00
Authoring application: wikolath (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: d585de122e9ef58ce4e3ceff30610580
SHA-1: 88f5cb86310b0e6b5463390f7be004d27e6a20a5
SHA-256: dd38fc6b972d95f601338a5946d95761b176f5c6996be3552e72ce9c9c5e882a
Risk Score: 64

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF document contains a large number of external links, many of which point to websites offering software cracks and keygens, suggesting a lure for users to download malicious files. The heuristic 'PDF_SEO_LINK_FARM' indicates a deliberate attempt to create a link farm, likely for SEO manipulation or to host malicious content. The presence of numerous unknown-reputation URLs reinforces the malicious intent.

Machine Learning

  • Nyx PDF Classifier clean score 0.0079

Heuristics 3

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • External URI (info, PDF_URI)
    PDF contains an external URL action
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.