Malicious PDF — malware analysis report

Static analysis result for SHA-256 d94325d195223e23…

MALICIOUS

PDF

Size: 16.1 KB
Created: 2019-11-21 12:43:04 +00:00
Authoring application: mPDF 5.7
MD5: de860d868c377e3f284fa9e8052b2abc
SHA-1: af59bd15c24531dd54acc88a25380c619264a45a
SHA-256: d94325d195223e239922f2dc807e41e41f58676d6a54510eba426d948de223cf
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded links pointing to external PDFs hosted on the domain 'cefasfese.4pu.com'. This domain and the structure of the URLs suggest a link farm or SEO poisoning attempt, likely designed to drive traffic to potentially malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9811

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.