Malicious PDF — malware analysis report

Static analysis result for SHA-256 f101e90a115a4da3…

MALICIOUS

PDF

Size: 17.5 KB
Created: 2019-05-05 15:40:09 +01:00
Authoring application: mPDF 5.7
MD5: e8d0dd068028ce436e1dee95e7092671
SHA-1: f962c0ebcfebdbab6645887e89f493336283a63d
SHA-256: f101e90a115a4da391b11c088fc329936953cb32480b48a3086391bd296b1a1f
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file was flagged by a machine learning classifier as malicious. Static analysis revealed a PDF_SEO_LINK_FARM heuristic firing, indicating the presence of a mass external PDF link farm. The document contains numerous embedded URLs pointing to various PDF files, likely serving as a lure or a distribution mechanism for further malicious activity. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.