Malicious PDF — malware analysis report

Static analysis result for SHA-256 e0f99b730e93e1c0…

MALICIOUS

PDF

15.2 KB Created: 2019-05-02 17:20:58 +01:00 Authoring application: mPDF 5.7
MD5: fb6bbaba27499b42376579ac10211e78 SHA-1: 1b82d704c2aa8a933abfe53231416661d1946566 SHA-256: e0f99b730e93e1c04b02e3aff00938f398cd14ec1149d6408333f1e39a02df86
90 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links to external PDF documents, hosted on the domain 'cefasfese.4pu.com'. This behavior is indicative of a link farm or a phishing lure designed to direct users to potentially malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9778

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://cefasfese.4pu.com/4733738735739737/Whispers-Whispers-1-by-L-L-Caulton.pdf
    • http://cefasfese.4pu.com/3731733731734739/Her-Secret-Whispers-The-Whispers-3-by-Joanna-Mazurkiewicz.pdf
    • http://cefasfese.4pu.com/3734735734732731/Soul-Whispers-II-Secret-Alchemy-of-the-Elements-in-Soul-Coaching-Soul-Whispers-2-by-Denise-Linn.pdf
    • http://cefasfese.4pu.com/1731738730730732/Whispers-in-the-Woods-The-Complete-Collection-Whispers-in-the-Woods-1-3-by-T-J-Dell.pdf
    • http://cefasfese.4pu.com/3732731730739734/Soul-Whispers-III-Soul-Whispers-3-by-Sophia-Fairchild.pdf
    • http://cefasfese.4pu.com/1735735733732739/City-of-Whispers-City-of-Whispers-1-by-Katherine-Sorin.pdf
    • http://cefasfese.4pu.com/4730731735733730/Whispers-in-the-Woods-Vol-1-Whispers-in-the-Woods-1-by-T-J-Dell.pdf
    • http://cefasfese.4pu.com/2730736739739733/Whispers-in-the-Dark-by-K-I-Lynn.pdf
    • http://cefasfese.4pu.com/3735739731734734/Whispers-by-Heath-Stallcup.pdf
    • http://cefasfese.4pu.com/6738734733731739/Whispers-on-the-Wind-by-Heasler.pdf
    • http://cefasfese.4pu.com/3735737733736738/Whispers-From-The-Past-by-Grasshopper.pdf
    • http://cefasfese.4pu.com/4730738733739737/Whispers-from-the-Abyss-by-Kat-Rocha.pdf
    • http://cefasfese.4pu.com/1730739734736737731/Whispers-by-Rosie-Goodwin.pdf
    • http://cefasfese.4pu.com/2739737732739735/Whispers-from-the-Grave-by-Kim-Murphy.pdf
    • http://cefasfese.4pu.com/2731737736734739/Whispers-Underground-by-Ben-Aaronovitch.pdf
    • http://cefasfese.4pu.com/4736733737/Whispers-and-the-Roars-by-K-Webster.pdf
    • http://cefasfese.4pu.com/1730733734739731737/Haunting-Whispers-by-V-K-Powell.pdf
    • http://cefasfese.4pu.com/4732735730732737/Whispers-Of-Autumn-by-Jo-Cattell.pdf
    • http://cefasfese.4pu.com/2737732736734733/Absence-Whispers-and-Shadow-by-J-B-Forsyth.pdf
    • http://cefasfese.4pu.com/1739738735736733/Skin-Whispers-Down-by-Marilyn-Iwama.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.