Malicious PDF — malware analysis report

Static analysis result for SHA-256 355b59ca102cff96…

MALICIOUS

PDF

Size: 12.8 KB
Created: 2019-05-02 05:03:58 +01:00
Authoring application: mPDF 5.7
MD5: b8ba3c1f818ebf6963ad491712413df4
SHA-1: d8e5b4c86b77f47abe9fa3f3726bdd22e580dd32
SHA-256: 355b59ca102cff96b277c21f76e64e3f5e37cb542c350756c8ed9c06427893b3
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

This PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. The links predominantly point to book titles hosted on the 'cefasfese.4pu.com' domain. While the individual URLs are marked as benign, their sheer volume and structure suggest malicious intent, possibly SEO poisoning or distribution of further malicious content through these links. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8905

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.