Malicious PDF — malware analysis report

Static analysis result for SHA-256 ebd96c7f7ca66bda…

MALICIOUS

PDF

17.6 KB
Created: 2019-05-07 04:09:26 +01:00
Authoring application: mPDF 5.7
MD5: 6e1d51d3da3993da064381ec438a3eb7
SHA-1: 5e2d1b88d411a373d094aac5e17ec29fc66bae0d
SHA-256: ebd96c7f7ca66bdad314dab3749a718e6eb00ada92d66df9a09fcc64ed8306ef
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files hosted on the domain 'muicuiu.dumb1.com'. This behavior is indicative of a link farm or a lure to a malicious site, as flagged by the PDF_SEO_LINK_FARM heuristic. The ML classifier also strongly indicated maliciousness. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9788

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.