Malicious PDF — malware analysis report

Static analysis result for SHA-256 26cab550c23d53e6…

MALICIOUS

PDF

Size: 12.4 KB
Created: 2019-11-07 16:52:54 +00:00
Authoring application: mPDF 5.7
MD5: a3b3f33150046ae261d3c19956dbb1ef
SHA-1: 1dc537531d9ac24c07fad2f7b34c9c42ea97efd2
SHA-256: 26cab550c23d53e663597a2ef5c84a81255f00d54d6e5390aec25ba14095be73
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs pointing to external websites, as indicated by the 'PDF_SEO_LINK_FARM' heuristic. The ML classifier also flagged the document as malicious. The embedded URLs, while individually marked as benign, collectively form a link farm, suggesting a deceptive or malicious intent, possibly to distribute further malware or engage in SEO spam. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier: malicious, score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.