Malicious PDF — malware analysis report

Static analysis result for SHA-256 01aa04714a64c833…

MALICIOUS

PDF

Size: 17.8 KB
Created: 2019-11-07 11:15:01 +00:00
Authoring application: mPDF 5.7
MD5: 735f6163e57b36a0b2e3dda31fcdd09a
SHA-1: 31aca02a882d7b4d00fb293334788c9d5fb8f3a5
SHA-256: 01aa04714a64c8337e8899ff180f4e679b3180fbb0f20ebcf5f7f72c405a3a8e
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1204.002 Malicious Link

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. While the URLs themselves are currently marked as benign, the sheer volume and the heuristic's name suggest malicious intent, possibly SEO spam or distribution of further malware. The ML_NYX_PDF_MALICIOUS classifier also strongly indicated maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9925

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.