Malicious PDF — malware analysis report

Static analysis result for SHA-256 64505eeacee3f95a…

MALICIOUS

PDF

14.5 KB
Created: 2019-11-09 23:26:24 +00:00
Authoring application: mPDF 5.7
MD5: 635c788de9fb27854d18a6e2a38ac0fb
SHA-1: 402efe1ce620728f9658acfe28113c98b98bb550
SHA-256: 64505eeacee3f95ab57d19d3ca22dec71766d3dec67b32f7d0c778013f82e38d
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified as a link farm. While the URLs themselves are marked as benign, the sheer volume and the firing of the 'PDF_SEO_LINK_FARM' heuristic suggest malicious intent, possibly SEO manipulation or redirecting users to malicious content hosted on similar domains. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.