Malicious PDF — malware analysis report

Static analysis result for SHA-256 f2ec3f1cde4b23b4…

MALICIOUS

PDF

14.0 KB Created: 2020-03-18 22:23:57 +00:00 Authoring application: mPDF 5.7
MD5: 766da4656751f81670655995f6e8c30f SHA-1: 24bbf04e61b56491622d64bd9f353cb104df741e SHA-256: f2ec3f1cde4b23b4d39106fe73f9a3e1f36da018e3e91d0bd0885db4c357b0c6
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links pointing to external PDF documents hosted on the domain 'ieuicufioao.myhome.cx'. This behavior is indicative of a link farm or a phishing lure, aiming to direct users to potentially malicious content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://ieuicufioao.myhome.cx/9550558557550551/The-Dark-Side-of-Nightfall-Book-One-Tales-From-Nightfall-Trilogy-by-Tim-O-39-Rourke.pdf
    • http://ieuicufioao.myhome.cx/9550558556558559/By-Nightfall-Nightfall-Series-Book-1-by-Ellen-Waite.pdf
    • http://ieuicufioao.myhome.cx/1556551558558558/Court-of-Nightfall-The-Nightfall-Chronicles-1-by-Karpov-Kinrade.pdf
    • http://ieuicufioao.myhome.cx/1553550556559552/The-Legend-of-Nightfall-Nightfall-1-by-Mickey-Zucker-Reichert.pdf
    • http://ieuicufioao.myhome.cx/9550558556559552/Nightfall-Heart-of-the-Alpha-Book-1-by-Evelyn-Glass.pdf
    • http://ieuicufioao.myhome.cx/1556551559557551/Nightfall-Book-One-of-the-Nightsong-Space-Opera-by-Maximillian-d-39-Erembourg.pdf
    • http://ieuicufioao.myhome.cx/9550558555558559/Nightfall-by-T-K-Lawyer.pdf
    • http://ieuicufioao.myhome.cx/1557551559555/Come-Nightfall-by-Gary-Amo.pdf
    • http://ieuicufioao.myhome.cx/1558551559550554/Nightfall-by-Lois-H-Gresh.pdf
    • http://ieuicufioao.myhome.cx/3551555554557557/Nightfall-by-Laura-Griffin.pdf
    • http://ieuicufioao.myhome.cx/9550558556559551/Nightfall-in-Mogadishu-by-Veronica-Li.pdf
    • http://ieuicufioao.myhome.cx/3554554557554554/Nightfall-by-Laura-Griffin.pdf
    • http://ieuicufioao.myhome.cx/1553552550559559/Nightfall-by-Norah-Wilson.pdf
    • http://ieuicufioao.myhome.cx/9550558557556553/24-Nightfall-by-Mark-L-Haynes.pdf
    • http://ieuicufioao.myhome.cx/9550558557550552/Nightfall-by-Peter-Fehervari.pdf
    • http://ieuicufioao.myhome.cx/9550558556558555/Nightfall-by-Dorothy-Daniels.pdf
    • http://ieuicufioao.myhome.cx/3552558551550554/Nightfall-Two-by-Isaac-Asimov.pdf
    • http://ieuicufioao.myhome.cx/3555557557555557/Nightfall-by-Brian-White.pdf
    • http://ieuicufioao.myhome.cx/9550558557557556/Nightfall-by-Scott-O-Brown.pdf
    • http://ieuicufioao.myhome.cx/4556554555556/Nightfall-and-Other-Stories-by-Isaac-Asimov.pdf
    • http://ieuicufioao.myhome.cx/3554554557554554/Nightfall

Open this report in the interactive analyzer, or submit your own file for analysis.