Malicious PDF — malware analysis report

Static analysis result for SHA-256 11df7597593d5897…

MALICIOUS

PDF

Size: 16.2 KB
Created: 2019-05-02 07:29:31 +01:00
Authoring application: mPDF 5.7
MD5: 1f7bc9656fd6059469efa94ac6a4dd14
SHA-1: af89e01d0ad18c4915db8dd8d93f2cf8de25bf9e
SHA-256: 11df7597593d589791aeb67a5c647c6f512c26d5024bffad724f6034843b1464
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF document contains a large number of embedded URLs, identified as a link farm, which is a common technique for SEO manipulation or distributing malicious content. The ML classifier also flagged the PDF as malicious. The primary attack pattern observed is the distribution of a large number of links, likely to direct users to potentially harmful content or phishing sites.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9898

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.