Malicious PDF — malware analysis report

Static analysis result for SHA-256 facf0bd3de9e5458…

MALICIOUS

PDF

Size: 16.3 KB
Created: 2019-05-06 16:31:26 +01:00
Authoring application: mPDF 5.7
MD5: c4cf5e832c5b901d3313cb7cd327c9fb
SHA-1: 7dc56e6aa8a347383beba56ce1b53a2f8f681e3f
SHA-256: facf0bd3de9e5458112adb71d2d149dca4f5950a7fce47f005819382ccc00dfe
Risk Score: 70

Malware Insights

MITRE ATT&CK
T1204.002 Malicious File

The ClamAV heuristic identified this PDF as a dropper. The document contains a visual download button and embedded URLs, suggesting a social engineering attempt to trick the user into downloading a secondary payload. The primary URL identified is http://muicuiu.dumb1.com/3a05a02a00a07a02/Beguiled-by-Paisley-Smith.pdf.

Heuristics 4

  • ClamAV: Pdf.Dropper.Agent-7205058-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7205058-0
  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.