Summary

mpdf.pdf

File mpdf.pdf

Summary
Download Resubmit sample

Size 79.0KB
Type PDF document, version 1.4, 1 pages
MD5 9aca5c5245edea4cb616ed6cbe57377a
SHA1 972aab95499ed8675306d71f4b6e04ad984e7705
SHA256 c5d4d7135ba908eea32b41e9033b96b3f9cc51c25d9797e2b60bb6ef96c491d9
SHA512
a963cc054baa0b404dbaf2251d5e1ff78e5caed7ed2e78f8ed6632912e0dca6918cfb1e0a82caceef7f6a0331e4c67bccac27ee96655813c200e310b47d81bad
CRC32 B366D504
ssdeep None
Yara
  • invalid_trailer_structure - (no description)

Score

This file appears fairly benign with a score of 0.1 out of 10.

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis
Category Started Completed Duration Routing Logs
FILE Feb. 24, 2026, 9:41 p.m. Feb. 24, 2026, 9:43 p.m. 132 seconds internet Show Analyzer Log
Show Cuckoo Log

Analyzer Log

2026-02-24 20:41:18,015 [analyzer] DEBUG: Starting analyzer from: C:\tmpqqrt4a
2026-02-24 20:41:18,030 [analyzer] DEBUG: Pipe server name: \??\PIPE\hmYNaWSPJAimOADGutbChFhHHeXYge
2026-02-24 20:41:18,030 [analyzer] DEBUG: Log pipe server name: \??\PIPE\pjuVgaxFdkSIseNnVvTGzSlKNesOjUq
2026-02-24 20:41:18,328 [analyzer] DEBUG: Started auxiliary module Curtain
2026-02-24 20:41:18,328 [analyzer] DEBUG: Started auxiliary module DbgView
2026-02-24 20:41:18,875 [analyzer] DEBUG: Started auxiliary module Disguise
2026-02-24 20:41:19,078 [analyzer] DEBUG: Loaded monitor into process with pid 504
2026-02-24 20:41:19,078 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2026-02-24 20:41:19,078 [analyzer] DEBUG: Started auxiliary module Human
2026-02-24 20:41:19,078 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2026-02-24 20:41:19,092 [analyzer] DEBUG: Started auxiliary module Reboot
2026-02-24 20:41:19,171 [analyzer] DEBUG: Started auxiliary module RecentFiles
2026-02-24 20:41:19,187 [analyzer] DEBUG: Started auxiliary module Screenshots
2026-02-24 20:41:19,187 [analyzer] DEBUG: Started auxiliary module Sysmon
2026-02-24 20:41:19,187 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2026-02-24 20:41:19,312 [lib.api.process] INFO: Successfully executed process from path 'C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe' with arguments [u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\mpdf.pdf'] and pid 2924
2026-02-24 20:41:19,467 [analyzer] DEBUG: Loaded monitor into process with pid 2924
2026-02-24 20:41:21,280 [analyzer] INFO: Added new file to list with pid 2924 and path C:\Users\Administrator\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin
2026-02-24 20:41:21,467 [analyzer] INFO: Added new file to list with pid 2924 and path C:\Users\Administrator\AppData\Local\Adobe\Color\Profiles\wscRGB.icc
2026-02-24 20:41:21,500 [analyzer] INFO: Added new file to list with pid 2924 and path C:\Users\Administrator\AppData\Local\Adobe\Color\Profiles\wsRGB.icc
2026-02-24 20:41:21,515 [analyzer] INFO: Added new file to list with pid 2924 and path C:\Users\Administrator\AppData\Local\Adobe\Color\ACECache10.lst
2026-02-24 20:41:24,500 [analyzer] INFO: Added new file to list with pid 2924 and path C:\Users\Administrator\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents-journal
2026-02-24 20:41:24,500 [analyzer] INFO: Added new file to list with pid 2924 and path C:\Users\Administrator\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
2026-02-24 20:42:41,753 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2026-02-24 20:42:42,051 [analyzer] INFO: Terminating remaining processes before shutdown.
2026-02-24 20:42:42,051 [lib.api.process] INFO: Successfully terminated process with pid 2924.
2026-02-24 20:42:42,082 [analyzer] WARNING: File at path u'c:\\users\\administrator\\appdata\\roaming\\adobe\\acrobat\\9.0\\shareddataevents-journal' does not exist, skip.
2026-02-24 20:42:42,098 [analyzer] INFO: Analysis completed.

Cuckoo Log

2026-02-24 21:41:19,100 [cuckoo.core.scheduler] INFO: Task #7464478: acquired machine win7x6428 (label=win7x6428)
2026-02-24 21:41:19,101 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.228 for task #7464478
2026-02-24 21:41:19,474 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 3877813 (interface=vboxnet0, host=192.168.168.228)
2026-02-24 21:41:19,523 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6428
2026-02-24 21:41:20,031 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6428 to vmcloak
2026-02-24 21:42:03,683 [cuckoo.core.guest] INFO: Starting analysis #7464478 on guest (id=win7x6428, ip=192.168.168.228)
2026-02-24 21:42:04,751 [cuckoo.core.guest] DEBUG: win7x6428: not ready yet
2026-02-24 21:42:09,783 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6428, ip=192.168.168.228)
2026-02-24 21:42:09,885 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6428, ip=192.168.168.228, monitor=latest, size=6660546)
2026-02-24 21:42:11,429 [cuckoo.core.resultserver] DEBUG: Task #7464478: live log analysis.log initialized.
2026-02-24 21:42:12,459 [cuckoo.core.resultserver] DEBUG: Task #7464478 is sending a BSON stream
2026-02-24 21:42:12,849 [cuckoo.core.resultserver] DEBUG: Task #7464478 is sending a BSON stream
2026-02-24 21:42:13,766 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'shots/0001.jpg'
2026-02-24 21:42:13,799 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 133464
2026-02-24 21:42:14,878 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'shots/0002.jpg'
2026-02-24 21:42:14,894 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 125272
2026-02-24 21:42:15,996 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'shots/0003.jpg'
2026-02-24 21:42:16,012 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 150448
2026-02-24 21:42:17,127 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'shots/0004.jpg'
2026-02-24 21:42:17,157 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 149833
2026-02-24 21:42:23,406 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'shots/0005.jpg'
2026-02-24 21:42:23,431 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 148160
2026-02-24 21:42:26,121 [cuckoo.core.guest] DEBUG: win7x6428: analysis #7464478 still processing
2026-02-24 21:42:41,252 [cuckoo.core.guest] DEBUG: win7x6428: analysis #7464478 still processing
2026-02-24 21:42:41,884 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'curtain/1771962161.88.curtain.log'
2026-02-24 21:42:41,888 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 36
2026-02-24 21:42:42,053 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'sysmon/1771962162.05.sysmon.xml'
2026-02-24 21:42:42,062 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 1066242
2026-02-24 21:42:42,068 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'files/2e06a69a5d07bed6_wscrgb.icc'
2026-02-24 21:42:42,071 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 66208
2026-02-24 21:42:42,077 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'files/1230a5f700dbfd5e_wsrgb.icc'
2026-02-24 21:42:42,079 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 2676
2026-02-24 21:42:42,088 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'files/81394834860318c0_acecache10.lst'
2026-02-24 21:42:42,090 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 1946
2026-02-24 21:42:42,093 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'files/622e0234290a9ce5_shareddataevents'
2026-02-24 21:42:42,095 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 3072
2026-02-24 21:42:42,098 [cuckoo.core.resultserver] DEBUG: Task #7464478: File upload for 'files/2cbbfbe12768f624_usercache.bin'
2026-02-24 21:42:42,103 [cuckoo.core.resultserver] DEBUG: Task #7464478 uploaded file length: 69063
2026-02-24 21:42:42,123 [cuckoo.core.resultserver] DEBUG: Task #7464478 had connection reset for <Context for LOG>
2026-02-24 21:42:44,267 [cuckoo.core.guest] INFO: win7x6428: analysis completed successfully
2026-02-24 21:42:44,280 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2026-02-24 21:42:44,317 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2026-02-24 21:42:45,178 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6428 to path /srv/cuckoo/cwd/storage/analyses/7464478/memory.dmp
2026-02-24 21:42:45,180 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6428
2026-02-24 21:43:30,877 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.228 for task #7464478
2026-02-24 21:43:31,905 [cuckoo.core.scheduler] DEBUG: Released database task #7464478
2026-02-24 21:43:31,926 [cuckoo.core.scheduler] INFO: Task #7464478: analysis procedure completed

Signatures

Yara rule detected for file (1 event)
description (no description) rule invalid_trailer_structure
Screenshots
Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action VT Location
No hosts contacted.
Cuckoo

We're processing your submission... This could take a few seconds.