MALICIOUS
60
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF file contains a large number of embedded URLs pointing to external PDF documents, a technique often used for SEO poisoning or to redirect users to malicious content. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass external PDF link farm, with the dominant host being 'cefasfese.4pu.com'. While the URLs themselves are marked as benign, the sheer volume and the nature of the heuristic suggest a malicious intent to drive traffic to this domain, potentially for further exploitation or to host malicious content disguised as legitimate files.
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cefasfese.4pu.com/3732739737736/Something-Borrowed-Darcy-amp-Rachel-1-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/3738733737739734/The-Diary-of-Darcy-J-Rhone-Darcy-amp-Rachel-0-5-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/4739739733732737/Something-Blue-Darcy-amp-Rachel-2-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/4732733735737730/The-One-and-Only-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/1736736734733734/The-One-amp-Only-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/3733738736/First-Comes-Love-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/3736733730734733/Something-Blue-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/2738730737736736/Love-the-One-You-re-With-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/4735738732737/Baby-Proof-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/2736736738736731/Heart-of-the-Matter-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/5730732737737735/Baby-Proof-by-Emily-Giffin.pdf
- http://cefasfese.4pu.com/1732736734733732/The-Exploits-amp-Adventures-of-Miss-Alethea-Darcy-Darcy-2-by-Elizabeth-Aston.pdf
- http://cefasfese.4pu.com/4738733738731/Mr-amp-Mrs-Fitzwilliam-Darcy-Two-Shall-Become-One-Darcy-Saga-1-by-Sharon-Lathan.pdf
- http://cefasfese.4pu.com/1734736739732739/Darcy-amp-Elizabeth-Nights-and-Days-at-Pemberley-Darcy-amp-Elizabeth-2-by-Linda-Berdoll.pdf
- http://cefasfese.4pu.com/3739730730738733/Mr-Darcy-s-Pride-and-Joy-A-Pride-and-Prejudice-Variation-The-Darcy-Novels-3-by-Monica-Fairview.pdf
- http://cefasfese.4pu.com/3738739738735730/Mr-Darcy-Bites-Back-Darcy-Bites-2-by-Mary-Lydon-Simonsen.pdf
- http://cefasfese.4pu.com/1734737730734737/Something-Borrowed-by-Eve-Dangerfield.pdf
- http://cefasfese.4pu.com/1739735737737733/A-Borrowed-Man-by-Gene-Wolfe.pdf
- http://cefasfese.4pu.com/1739737738735730/Something-Borrowed-by-Catherine-Hapka.pdf
- http://cefasfese.4pu.com/3731737730730734/Something-Borrowed-by-Rebecca-Hagan-Lee.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.