Malicious PDF — malware analysis report

Static analysis result for SHA-256 d781b9bdbb08f7a0…

MALICIOUS

PDF

Size: 16.4 KB
Created: 2019-06-09 13:58:15 +01:00
Authoring application: mPDF 5.7
MD5: ea6afa4fee73fba986ecf6d6c1058582
SHA-1: 812b1c29fcf8ec30804bde2ea9c97d8e2303cdf5
SHA-256: d781b9bdbb08f7a0ae715ff73c5a81d455e644b3f6f0538069fe3d7b3fc3e1ac
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file was flagged by a machine learning classifier as malicious. Static analysis revealed a large number of embedded links, forming a link farm. The primary heuristic indicates a 'PDF_SEO_LINK_FARM' with 23 external links, many of which are to book titles, suggesting a potential SEO spam or phishing lure. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9811

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.