Malicious PDF — malware analysis report

Static analysis result for SHA-256 a5beeb413f0af47b…

MALICIOUS

PDF

File size: 18.1 KB
Created: 2019-05-03 06:27:18 +01:00
Authoring application: mPDF 5.7
MD5: 36ac9b1019c751ed1d09159f52867ab6
SHA-1: 0536f474022442aa400cd297365bacf30e7c4b9a
SHA-256: a5beeb413f0af47b9e60cb76ef07426c102311b92edf01ea0c70936aceb03978
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious with high confidence. The embedded URLs, such as http://cefasfese.4pu.com/6731736734733737/Libba-Living-On-The-Edge-by-Tony-Liberatore.pdf, are likely used to distribute further malicious content or for SEO spam.

Machine Learning

  • Nyx PDF Classifier: malicious, score 0.9925

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.