Malicious PDF — malware analysis report

Static analysis result for SHA-256 f226c26c91283c93…

MALICIOUS

PDF

Size: 13.3 KB
Created: 2020-03-18 16:33:52 +00:00
Authoring application: mPDF 5.7
MD5: 5492f05da3e9fe94f3c8dce96d4eb1b0
SHA-1: 04db725c7f04628c1cdece9272dc64349896b29f
SHA-256: f226c26c91283c931638ce79ee325042aa338c9d2c1205a831f588d45a47bad9
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains a large number of embedded URLs, all pointing to the same domain, suggesting a link farm or redirection scheme. The heuristic 'PDF_SEO_LINK_FARM' confirms this, indicating a malicious intent to drive traffic to external content. No scripts were extracted, limiting further analysis of the payload.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.