Malicious PDF — malware analysis report

Static analysis result for SHA-256 67d961399168a528…

MALICIOUS

PDF

Size: 13.9 KB
Created: 2019-05-04 10:24:17 +01:00
Authoring application: mPDF 5.7
MD5: e269106a951e64e8a461e6f6b30df863
SHA-1: 703b850d6822d8dd991c601c3f5cd68e6b044fc6
SHA-256: 67d961399168a528fb7dc5051a84048e4e6763d487e1899ee991cdff3916ea46
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links, forming a link farm. While the linked content appears benign, the heuristic PDF_SEO_LINK_FARM indicates a pattern of generating SEO-optimized PDFs to host external links. This technique is often used to direct users to malicious sites or to obscure the true destination of a phishing or malware distribution campaign. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical; PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info; EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.