Malicious PDF — malware analysis report

Static analysis result for SHA-256 3c333816408fd216…

MALICIOUS

PDF

Size: 16.2 KB
Created: 2019-04-30 07:46:31 +01:00
Authoring application: mPDF 5.7
MD5: 8a6e868ee46a3a7edff9b9815cd6a7e5
SHA-1: 98e01fcc9b0d0822575f944d05f74b49a4a0852d
SHA-256: 3c333816408fd2169636b19155f8dc9ead133ffdccd6e4441072df8faf97afcd
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link

The PDF file contains a large number of embedded links to external PDF documents, as indicated by the PDF_SEO_LINK_FARM heuristic. The document body also contains these URLs, suggesting a deliberate attempt to direct users to a large collection of linked content. The primary purpose appears to be SEO poisoning or hosting malicious content disguised as legitimate documents.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.