Malicious PDF — malware analysis report

Static analysis result for SHA-256 fb02990ad6033589…

MALICIOUS

PDF

Size: 17.7 KB
Created: 2019-04-30 05:39:55 +01:00
Authoring application: mPDF 5.7
First seen: 2021-08-20
MD5: 18d2115236b34b2fa0a0c7cd70a7a146
SHA-1: 2badd4ec9297598839c11a63fd35c83285ad0b83
SHA-256: fb02990ad60335893015a26598130f108a5b10d3484c4506000fb80cbba47cca
Risk Score: 100

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. While the URLs themselves are marked as benign, the sheer volume and structure suggest a link farm or SEO manipulation tactic. The ML_NYX_PDF_MALICIOUS heuristic further supports the malicious classification. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9931

Heuristics (3)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Visual download / call-to-action button lure (severity: low, ID: SE_DOWNLOAD_BUTTON)
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.