Malicious PDF — malware analysis report

Static analysis result for SHA-256 44c3e13ac868c503…

MALICIOUS

PDF

File size: 15.9 KB
Created: 2019-06-05 06:24:34 +01:00
Authoring application: mPDF 5.7
MD5: 675f6ce3ea310157dd375b6b307a71c2
SHA-1: 087ea3c94b787d2616d28da0138fcae05d4ffdc5
SHA-256: 44c3e13ac868c5038075c89f3b911f6bdb6403961c3585a9520f02371093a357
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded external links, as indicated by the PDF_SEO_LINK_FARM heuristic. The document body also contains these URLs, suggesting the primary intent is to redirect users to these external sites. No scripts were extracted, and the nature of the links suggests a potential SEO poisoning or link farm attack, aiming to drive traffic to potentially malicious or unwanted content.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.