Malicious PDF — malware analysis report

Static analysis result for SHA-256 f047e03a7cc82925…

MALICIOUS

PDF

19.6 KB Created: 2020-03-19 02:37:34 +00:00 Authoring application: mPDF 5.7
MD5: 41b82558320dd6a406b0a0424811dc35 SHA-1: a4eed72278dc075317217599e9552a07d551f6c2 SHA-256: f047e03a7cc829253599bcd61435c79ef15e34c043ba0e33dc25a56200dced8f
60 Risk Score

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a heuristic firing for a large number of external links, indicating a link farm. The document body also contains numerous embedded URLs, all pointing to the same domain with book-related slugs. These URLs are likely used to redirect users to malicious content or phishing pages. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://ieuicufioao.myhome.cx/3554551558552551/Where-Have-All-the-Birds-Gone-Essays-on-the-Biology-and-Conservation-of-Birds-That-Migrate-to-the-American-Tropics-by-John-Terborgh.pdf
    • http://ieuicufioao.myhome.cx/8551558551550553/The-Audubon-Society-Encyclopedia-of-North-American-Birds-by-John-K-Terres.pdf
    • http://ieuicufioao.myhome.cx/8551558550553551/Birds-of-America-by-John-James-Audubon.pdf
    • http://ieuicufioao.myhome.cx/1553555556551559/Culinary-Birds-The-Ultimate-Poultry-Cookbook-by-John-Ash.pdf
    • http://ieuicufioao.myhome.cx/1558551558551/Life-List-Remembering-the-Birds-of-My-Years-by-John-N-Cole.pdf
    • http://ieuicufioao.myhome.cx/1559553553550551/Birds-of-Prey-Batgirl-Catwoman-by-John-Francis-Moore.pdf
    • http://ieuicufioao.myhome.cx/8551552554551558/National-Audubon-Society-Field-Guide-to-North-American-Birds-Western-Region-by-Miklos-D-F-Udvardy.pdf
    • http://ieuicufioao.myhome.cx/5552552557557558/The-Boy-Who-Drew-Birds-A-Story-of-John-James-Audubon-by-Jacqueline-Davies.pdf
    • http://ieuicufioao.myhome.cx/5550556554555/Under-a-Wild-Sky-John-James-Audubon-and-the-Making-of-The-Birds-of-America-by-William-Souder.pdf
    • http://ieuicufioao.myhome.cx/6553558557553/Tuatara-Biology-and-Conservation-of-a-Venerable-Survivor-by-Alison-Cree.pdf
    • http://ieuicufioao.myhome.cx/7557553551553550/John-James-Audubon-The-Watercolors-for-the-Birds-of-America-by-John-James-Audubon.pdf
    • http://ieuicufioao.myhome.cx/7557553550559558/John-James-Audubon-The-watercolors-for-The-birds-of-America-by-John-James-Audubon.pdf
    • http://ieuicufioao.myhome.cx/2551556550559/Still-Looking-Essays-on-American-Art-by-John-Updike.pdf
    • http://ieuicufioao.myhome.cx/3550555550556551/The-Birds-by-Aristophanes.pdf
    • http://ieuicufioao.myhome.cx/3556557559551556/Why-Birds-Fly-by-Florence-Witkop.pdf
    • http://ieuicufioao.myhome.cx/9552558551552/Birds-by-Kevin-Henkes.pdf
    • http://ieuicufioao.myhome.cx/1553557559553557/The-Birds-by-Daphne-du-Maurier.pdf
    • http://ieuicufioao.myhome.cx/2551554550552551/Freedom-is-for-the-Birds-by-J-M-Sutherland.pdf
    • http://ieuicufioao.myhome.cx/1557550556554559/The-Birds-by-Daphne-du-Maurier.pdf
    • http://ieuicufioao.myhome.cx/7555553555556558/Birds-of-Guyana-by-B-R-Singh.pdf
    • http://ieuicufioao.myhome.cx/5552552557557558/The-Boy-Who-Dr

Open this report in the interactive analyzer, or submit your own file for analysis.