Malicious PDF — malware analysis report

Static analysis result for SHA-256 9af0b64fc067a478…

MALICIOUS

PDF

Size: 13.7 KB
Created: 2019-05-03 05:26:46 +01:00
Authoring application: mPDF 5.7
MD5: 7310cc40376dcda7e81f73460957236a
SHA-1: 1b9f2c17156a303cb87f8a8aff4462c93202ecd7
SHA-256: 9af0b64fc067a4781408549e36b6c3afb9b6504cb61b8c00624691cd89a1258e
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. These links point to various PDF files hosted on the same domain, suggesting a link farm or traffic redirection scheme. No scripts were extracted from this sample. The primary attack pattern is the distribution of these numerous links.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.