MALICIOUS
60
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF document contains a large number of embedded URLs pointing to external PDF files, a technique often used for SEO poisoning or to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass external PDF link farm, with the primary host being 'cefasfese.4pu.com'. While the extracted URLs themselves are labeled as benign, the sheer volume and the nature of the heuristic suggest a malicious intent to drive traffic or potentially host malicious content. No scripts were extracted from this sample.
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cefasfese.4pu.com/1730737739738730734/Tales-Told-in-Oz-The-Wicked-Years-0-5-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/4730736734739/Out-of-Oz-The-Wicked-Years-4-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/4734734739738/A-Lion-Among-Men-The-Wicked-Years-3-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/3730732730737736/A-Lion-Among-Men-The-Wicked-Years-3-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/7735737734735734/Hijo-de-Bruja-The-Wicked-Years-2-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/3735737737730733/Wicked-The-Life-and-Times-of-the-Wicked-Witch-of-the-West-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/4739733737734733/Egg-and-Spoon-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/1733731738731730/Seven-Spiders-Spinning-The-Hamlet-Chronicles-1-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/9731731734/Hiddensee-A-Tale-of-the-Once-and-Future-Nutcracker-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/3733736730734730/Hiddensee-A-Tale-of-the-Once-and-Future-Nutcracker-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/2736737739730738/What-the-Dickens-The-Story-of-a-Rogue-Tooth-Fairy-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/3730735738737730/What-the-Dickens-The-Story-of-a-Rogue-Tooth-Fairy-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/6736734736732731/What-I-Wish-Someone-Had-Told-Me-About-the-First-Five-Years-of-Marriage-by-Roy-Petitfils.pdf
- http://cefasfese.4pu.com/6734734738738738/Matchless-An-Illumination-of-Hans-Christian-Andersen-s-Classic-quot-The-Little-Match-Girl-quot-by-Gregory-Maguire.pdf
- http://cefasfese.4pu.com/2733731732736730/Grimm-Fairy-Tales-Tales-from-Wonderland-vol-1-by-Raven-Gregory.pdf
- http://cefasfese.4pu.com/7739738738731736/Six-Years-in-Mozambique-Things-I-Haven-t-Told-Mom-by-Amy-Gillespie.pdf
- http://cefasfese.4pu.com/2732732739734/Invasion-of-the-Bible-Thumpers-Tales-of-the-North-Woods-and-Other-Places-by-Skookum-Maguire.pdf
- http://cefasfese.4pu.com/2737735736731737/Autumn-Burning-Dreadtime-Stories-for-the-Wicked-Soul-by-Sam-Gregory.pdf
- http://cefasfese.4pu.com/2730734739732735/Seriously-Cinderella-Is-SO-Annoying-The-Story-of-Cinderella-as-Told-by-the-Wicked-Stepmother-by-Trisha-Speed-Shaskan.pdf
- http://cefasfese.4pu.com/1730731736734735732/Tales-Told-By-a-Machine-by-Gianni-Rodari.pdf
- http://cefasfese.4pu.com/3730735738737730/What-the-Dickens-The-Story-of-a
Open this report in the interactive analyzer, or submit your own file for analysis.