Malicious PDF — malware analysis report

Static analysis result for SHA-256 c07a55b16409fb46…

MALICIOUS

PDF

Size: 12.7 KB
Created: 2019-05-02 18:19:00 +01:00
Authoring application: mPDF 5.7
MD5: 078e873ed58644201a569048f67c5617
SHA-1: 7e209432cdae713bd1e428f5d132af07b3b90128
SHA-256: c07a55b16409fb468b974d9379923e529bf22e56533fcf5774fd19dfb1405446
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged the document as malicious. The embedded links, while individually marked as benign, collectively form a link farm, suggesting a potential SEO manipulation or a distribution mechanism for further malicious content. The primary host for these links is cefasfese.4pu.com.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8780

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] [PDF_SEO_LINK_FARM]
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] [EMBEDDED_URL]
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.