Malicious PDF — malware analysis report

Static analysis result for SHA-256 25b663dd3874a3d0…

MALICIOUS

PDF

12.1 KB Created: 2019-11-07 21:52:11 +00:00 Authoring application: mPDF 5.7
MD5: 60155e39f7ffd1943ed44523efc77895 SHA-1: 22ef2689f47a3529ed6f7971a22a0de087f6ce27 SHA-256: 25b663dd3874a3d05f178d48f7a1f40125c6581130fab95e31eb4984b8b1005d
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF file contains a large number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. While most individual links are marked as benign, the sheer volume and the nature of the heuristic suggest a malicious intent, possibly for SEO manipulation or to distribute further malware. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://cefasfese.4pu.com/1739732733737739/Under-My-Skin-II-Under-My-Skin-2-by-M-L-Rhodes.pdf
    • http://cefasfese.4pu.com/1739732733736730/Under-My-Skin-Under-My-Skin-1-by-M-L-Rhodes.pdf
    • http://cefasfese.4pu.com/2733734731738734/Skin-Dive-Skin-4-by-Ava-Gray.pdf
    • http://cefasfese.4pu.com/3736733734738739/Skin-Tight-Skin-2-by-Ava-Gray.pdf
    • http://cefasfese.4pu.com/2733734731738732/Skin-Heat-Skin-3-by-Ava-Gray.pdf
    • http://cefasfese.4pu.com/2735733731734/Skin-Tight-Skin-2-by-Ava-Gray.pdf
    • http://cefasfese.4pu.com/9732732730738/Skin-Skin-1-by-Ilka-Tampke.pdf
    • http://cefasfese.4pu.com/2739735730734733/Skin-on-Skin-by-Sunny.pdf
    • http://cefasfese.4pu.com/9730735736739/Skin-Deep-Skin-Deep-1-by-J-M-Stone.pdf
    • http://cefasfese.4pu.com/4734733732738/Skin-by-Ted-Dekker.pdf
    • http://cefasfese.4pu.com/1736732739734739/Under-My-Skin-by-Zoe-Markham.pdf
    • http://cefasfese.4pu.com/1730735733736732735/Under-His-Skin-by-J-Haney.pdf
    • http://cefasfese.4pu.com/1731733732737733/Written-on-the-Skin-by-Liz-Porter.pdf
    • http://cefasfese.4pu.com/3733733735731734/Regret-Under-My-Skin-1-by-Christina-Lee.pdf
    • http://cefasfese.4pu.com/2730736738733735/Skin-Food-by-Type-A.pdf
    • http://cefasfese.4pu.com/8736734732732738/Lose-This-Skin-by-Tim-Murr.pdf
    • http://cefasfese.4pu.com/1730737737738736731/The-Skin-I-m-In-by-Sharon-G-Flake.pdf
    • http://cefasfese.4pu.com/1731737736733732/The-Skin-of-Water-by-G-S-Johnston.pdf
    • http://cefasfese.4pu.com/1732730737730736/Under-My-Skin-by-James-Dawson.pdf
    • http://cefasfese.4pu.com/5731739734734734/Skin-by-Tobias-Hill.pdf
    • http://cefasfese.4pu.com/2730736738733735/

Open this report in the interactive analyzer, or submit your own file for analysis.