Malicious PDF — malware analysis report

Static analysis result for SHA-256 fbc6f835135c35c2…

MALICIOUS

PDF

17.7 KB
Created: 2019-08-02 07:36:43 +01:00
Authoring application: mPDF 5.7
MD5: 9df53875e27d5ea25739580caf6d717a
SHA-1: 748dd90da3dcdab804657c9d743a453ec1e0978b
SHA-256: fbc6f835135c35c244bfc2eac782e1aaf1f4155ee009efe41633fe5d16790b6e
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, which point to external PDF files. These links are presented in a way that suggests they are sheet music, likely to trick users into clicking them. The ML classifier also strongly indicated maliciousness. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.