Malicious PDF — malware analysis report

Static analysis result for SHA-256 838fc5052f25fd4c…

MALICIOUS

PDF

Size: 19.1 KB
Created: 2019-05-04 10:32:03 +01:00
Authoring application: mPDF 5.7
MD5: ffd0b2a5f2b4d63e7298865a72b1d0e0
SHA-1: 35c5bacf834f097d9baaa1906e4c3e3da8422953
SHA-256: 838fc5052f25fd4c652af69fdf729b1f2157c4f1c197315f26cda68b55f7d83b
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs, identified as a link farm. Although the URLs themselves are currently flagged as benign, their sheer volume and structure suggest malicious intent, likely to manipulate search engine results or redirect users to malicious sites. The ML classifier also strongly indicated maliciousness.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9920

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.