Malicious PDF — malware analysis report

Static analysis result for SHA-256 cf3956ef430c5e09…

MALICIOUS

PDF

13.0 KB Created: 2019-05-02 17:11:09 +01:00 Authoring application: mPDF 5.7
MD5: 74f110fbb0031e023a29fdc2bdd700da SHA-1: 93316b7b5227ef3d92fdc0a0417f9f0f74875866 SHA-256: cf3956ef430c5e09f7482b9dee7a43a9c0f95c7c04c650411419eaf0851495a1
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a heuristic firing for a link farm, with numerous embedded URLs pointing to external PDF documents. While the URLs themselves are marked as benign, the sheer volume and structure suggest a malicious intent, likely to lure users to potentially harmful content or phishing pages. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://xiixmcuin.linkpc.net/1200200205208203208/I-Hate-You-More-Than-Anyone-Vol-5-I-Hate-You-More-Than-Anyone-5-by-Banri-Hidaka.pdf
    • http://xiixmcuin.linkpc.net/2207206206209207/I-Hate-You-More-Than-Anyone-Vol-1-I-Hate-You-More-Than-Anyone-1-by-Banri-Hidaka.pdf
    • http://xiixmcuin.linkpc.net/7202206203206/Don-t-Hate-the-Player-Hate-the-Game-by-Katie-Ashley.pdf
    • http://xiixmcuin.linkpc.net/1200200205207203205/V-B-Rose-Volume-4-by-Banri-Hidaka.pdf
    • http://xiixmcuin.linkpc.net/1200200205207204205/V-B-Rose-Volume-12-by-Banri-Hidaka.pdf
    • http://xiixmcuin.linkpc.net/3200206203203206/The-Altar-of-Hate-by-Vox-Day.pdf
    • http://xiixmcuin.linkpc.net/6208200206206/Because-They-Hate-by-Brigitte-Gabriel.pdf
    • http://xiixmcuin.linkpc.net/3200206205205203/Buttons-and-Hate-by-Penelope-Sky.pdf
    • http://xiixmcuin.linkpc.net/4202206207205204/Days-of-Hate-Act-Two-by-Ale-Kot.pdf
    • http://xiixmcuin.linkpc.net/2207209205203205/Days-of-Hate-Act-One-by-Ale-Kot.pdf
    • http://xiixmcuin.linkpc.net/4209208205205206/Hate-by-Martin-Clement.pdf
    • http://xiixmcuin.linkpc.net/6204200207/I-Hate-Everyone-But-You-by-Gaby-Dunn.pdf
    • http://xiixmcuin.linkpc.net/6202203201/The-Boy-I-Hate-by-Taylor-Sullivan.pdf
    • http://xiixmcuin.linkpc.net/2209201201207206/Must-Hate-The-PLAYBOY-by-notjustarandomgirl.pdf
    • http://xiixmcuin.linkpc.net/2200209207201208/Hate-To-Love-You-by-Tijan.pdf
    • http://xiixmcuin.linkpc.net/7209208202201206/Why-I-Hate-Canadians-by-Will-Ferguson.pdf
    • http://xiixmcuin.linkpc.net/5205207209202208/The-Sanguinaires-Or-What-I-Hate-Most-about-Everything-by-Gabriel-Verveniotis.pdf
    • http://xiixmcuin.linkpc.net/3206207205205206/The-Pilgrim-of-Hate-by-Ellis-Peters.pdf
    • http://xiixmcuin.linkpc.net/4201208201202205/I-Hate-You-I-Love-You-by-Elizabeth-Hayley.pdf
    • http://xiixmcuin.linkpc.net/2204209208208208/The-Hate-U-Give-by-Angie-Thomas.pdf
    • http://xiixmcuin.linkpc.net/220

Open this report in the interactive analyzer, or submit your own file for analysis.