Malicious PDF — malware analysis report

Static analysis result for SHA-256 c49afcd2c9058186…

MALICIOUS

PDF

Size: 16.4 KB
Created: 2019-05-02 07:31:47 +01:00
Authoring application: mPDF 5.7
MD5: 69cf762bd13d759cc8e060b4aeb3f72e
SHA-1: 427e25f5aed368d644e46191e745b43e4117cfd2
SHA-256: c49afcd2c9058186aecfe7e5db0c75ec3b658146ca06536642e38fd540f96115
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF document triggers a link-farm heuristic: 23 external PDF links are embedded within its structure. While most of these links resolve to benign content, the sheer volume and the nature of the heuristic suggest malicious intent, either to manipulate search engine results or to serve as a distribution point for further malicious content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info (ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.