Malicious PDF — malware analysis report

Static analysis result for SHA-256 209bc37b2049ce87…

MALICIOUS

PDF

18.0 KB
Created: 2019-05-02 05:03:37 +01:00
Authoring application: mPDF 5.7
MD5: b8534464b181df5f822e2b508cb0e986
SHA-1: 414221b348e993792d6693aa44b8cbf6382b73e7
SHA-256: 209bc37b2049ce87ec3ba5a591ecc876bf9b804b6e6a99bca103ad1807bec40a
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links pointing to external PDF files hosted on the domain 'cefasfese.4pu.com'. This behavior is indicative of a link farm or a lure to download further malicious content. The ML classifier also flagged this PDF as malicious with high confidence. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9807

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.