Malicious PDF — malware analysis report

Static analysis result for SHA-256 6aff8db395635f60…

MALICIOUS

PDF

Size: 15.0 KB
Created: 2019-06-13 14:52:15 +01:00
Authoring application: mPDF 5.7
MD5: 42251ea54c43ccb2b7855d654178bab3
SHA-1: f7053a5f415dbd29abedae350be6d63d9008b748
SHA-256: 6aff8db395635f600201af0660547688c446a3b95c72fe4e7cf1e2e1e5e1105b
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, many of which point to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML_NYX_PDF_MALICIOUS classifier also flagged the document. The embedded URLs are likely intended to direct users to malicious content or phishing sites, masquerading as legitimate documents.

Machine Learning

  • Nyx PDF Classifier: malicious, score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.