Malicious PDF — malware analysis report

Static analysis result for SHA-256 f1eeed35e0e3710a…

MALICIOUS

PDF

Size: 27.6 KB
Created: 2019-04-30 04:25:34 +01:00
Authoring application: mPDF 5.7
MD5: f071a9c37e168e254328cf9503cb374d
SHA-1: da2178f499588cbbb9137f9d8a05046309a27b60
SHA-256: f1eeed35e0e3710ae2c1432f8364c565631858d03263eb5c58eba8a0a741475f
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF contains a large number of embedded external links, as indicated by the PDF_SEO_LINK_FARM heuristic. While many of these links point to benign-looking book titles, the sheer volume and the ML classifier's high confidence score suggest malicious intent, likely SEO poisoning or redirecting users to harmful content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9695

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.