Malicious PDF — malware analysis report

Static analysis result for SHA-256 13faca47a0b4b006…

MALICIOUS

PDF

Size: 14.6 KB
Created: 2019-11-09 20:37:02 +00:00
Authoring application: mPDF 5.7
MD5: ecc01430aa1e4d1ed231424ff19ffbc8
SHA-1: 4cced6e059ca906b4ab3fe16b3ec2d6ca67f6d47
SHA-256: 13faca47a0b4b006de8bd6351873b3529dd9a322b103dda60c7287f07ad6cec0
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external documents on the domain 'cefasfese.4pu.com'. This domain and the structure of the URLs suggest a link farm or SEO manipulation tactic, likely intended to drive traffic or potentially host malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.