Malicious PDF — malware analysis report

Static analysis result for SHA-256 b6da1dbe456d0f22…

MALICIOUS

PDF

  • Size: 13.7 KB
  • Created: 2019-11-09 22:46:41 +00:00
  • Authoring application: mPDF 5.7
  • MD5: 118b3ff0cef1bed3fb568526e94c7712
  • SHA-1: e7b3cc5b4b7dc4894184c5d79b6499c1fd3c84f4
  • SHA-256: b6da1dbe456d0f223d063c686e063b55e8224f3201dfca59d59c8d3d7fc341b1
  • Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic, pointing to external resources. While the specific URLs themselves are marked as benign, the sheer volume and structure suggest a link farm designed to direct users to potentially malicious content. The ML_NYX_PDF_MALICIOUS heuristic further supports the malicious classification. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9798

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.