Malicious PDF — malware analysis report

Static analysis result for SHA-256 314dfd4f665368d6…

MALICIOUS

PDF

13.0 KB
Created: 2019-05-02 17:53:19 +01:00
Authoring application: mPDF 5.7
MD5: 76b7b12e05bda298170c2383012bb209
SHA-1: 15b256cd5dc3660c5508b63243ed94cbc9eaccf6
SHA-256: 314dfd4f665368d6cff0c749161c7c02a8ddc6feadb3e21a08d794be6ba56d5f
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded URLs, flagged by the PDF_SEO_LINK_FARM heuristic. Although many of these URLs point to benign book titles, their sheer volume and the nature of the heuristic suggest malicious intent, possibly SEO spam or a cover for malicious redirects. The embedded URLs are likely intended to lure users into clicking them, potentially leading to further compromise.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.