Malicious PDF — malware analysis report

Static analysis result for SHA-256 1f877b9a340f90c7…

MALICIOUS

PDF

Size: 15.5 KB
Created: 2019-11-07 21:53:27 +00:00
Authoring application: mPDF 5.7
MD5: 45f5d25226be47b1f5653351dc1b6434
SHA-1: 7b3ea9e5df8e6e84f77fb88ae58cb0a473762b4d
SHA-256: 1f877b9a340f90c7b331b6b3e75724d752777c927c7189c23f15225c67a3f6ff
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF file contains a large number of embedded URLs pointing to a single domain, 'cefasfese.4pu.com'. This pattern is indicative of a link farm designed to attract traffic or potentially distribute further malicious content. While the URLs themselves are marked as benign, the sheer volume and the heuristic firing of 'PDF_SEO_LINK_FARM' suggest a malicious intent to manipulate search engine results or direct users to potentially harmful content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.