Malicious PDF — malware analysis report

Static analysis result for SHA-256 6077a8b3d4e00080…

MALICIOUS

PDF

15.1 KB
Created: 2019-05-02 17:27:07 +01:00
Authoring application: mPDF 5.7
MD5: 011bc3038cdbc20c0d46413f7e93115f
SHA-1: 004a9619b60a0fd401e2aa9fd01b637888d88cfa
SHA-256: 6077a8b3d4e0008033e21f5e09535a92f35e1bd52b58756fbcb2ba18c9320a2f
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

This PDF document contains a large number of embedded URLs, identified as a link farm. The primary heuristic indicates this is likely for SEO manipulation or to distribute further malicious content. While no scripts were extracted, the presence of numerous external links suggests a potential for initial access via spearphishing attachment, leading to further compromise.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.