Malicious PDF — malware analysis report

Static analysis result for SHA-256 f8049d737eac7be5…

MALICIOUS

PDF

16.9 KB
Created: 2019-04-29 23:35:18 +01:00
Authoring application: mPDF 5.7
MD5: 095af7a36ac06ff8ac2c2a6b92321961
SHA-1: 6bdc48221a4aa94143300fa6a48adad9f288f68f
SHA-256: f8049d737eac7be56b760483907d498e2a5d443cacbbd3e582f7e9c058bcf89a
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF contains a large number of external links, as detected by the PDF_SEO_LINK_FARM heuristic. The ML classifier also strongly indicated maliciousness. The embedded URLs point to a domain that appears to be hosting a link farm, likely intended to drive traffic or distribute further malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9787

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; heuristic: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; heuristic: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.