Malicious PDF — malware analysis report

Static analysis result for SHA-256 e7a43556ece505c3…

MALICIOUS

PDF

Size: 15.6 KB
Created: 2019-04-30 04:59:22 +01:00
Authoring application: mPDF 5.7
MD5: d0479d3cff7f4f48c41795a1c518657a
SHA-1: 228e88f56ae3a5a1c4d86b6a787a537d6cc5914d
SHA-256: e7a43556ece505c31f4025e4a52e9f88acbf2ace0ad373263cd39aba93e04e74
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded URLs, forming a link farm. The primary heuristic indicates this is a PDF SEO link farm, suggesting a tactic to drive traffic to external content. While the ML classifier flagged it as malicious, the specific intent appears to be redirection rather than direct payload delivery.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://muicuiu.dum