Malicious PDF — malware analysis report

Static analysis result for SHA-256 e1dce2065bc89209…

MALICIOUS

PDF

Size: 123.1 KB
Created: 2022-07-05 02:12:10 +00:00
Authoring application: balffor (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: e65edb23e6c79970369dede635f3a480
SHA-1: bbc06a0191cc646db9425490cb642dd1a0453852
SHA-256: e1dce2065bc89209b99caaad5b22cec85623cc698480cd093550f27b110f2abb
Risk Score: 64

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF document contains a large number of external links, many of which are associated with software cracks and pirated applications, indicating a likely attempt to lure users to malicious download sites. The heuristic 'PDF_SEO_LINK_FARM' specifically flags the presence of a mass external PDF link farm, suggesting a coordinated effort to distribute potentially harmful content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier clean score 0.0123

Heuristics (3)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.