Malicious PDF — malware analysis report

Static analysis result for SHA-256 863eec5cae7a616b…

MALICIOUS

PDF

Size: 15.0 KB
Created: 2019-11-08 00:52:54 +00:00
Authoring application: mPDF 5.7
MD5: 841df7f407f7d4eacfc6fcd3d90c799d
SHA-1: 401bf0414a6fb4e0cb1ca33a572bacdbb4957149
SHA-256: 863eec5cae7a616b9a00ba82e9869fec9fa73bdccc304fa0ff92b4b498a3660a
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF document was identified as malicious because the critical heuristic PDF_SEO_LINK_FARM fired, which indicates the presence of numerous external links within the document. While the document body is heavily obfuscated, the extracted URLs suggest a link farm designed to redirect users to various content, likely malicious. No scripts were extracted from this sample.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.