Malicious PDF — malware analysis report

Static analysis result for SHA-256 e2ae9fce09036baf…

MALICIOUS

PDF

Size: 22.2 KB
Created: 2019-11-09 23:53:56 +00:00
Authoring application: mPDF 5.7
MD5: 6cd4dcc085fdcb975da4c734d0234ced
SHA-1: 2c4ef50e9c3dbb5c35fffc11cf4749db987c348a
SHA-256: e2ae9fce09036baf5bd827eef58b217de830432ff62679bc7b268fa1b8a23d52
Risk Score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link

The PDF file contains a large number of embedded links, identified by the PDF_SEO_LINK_FARM heuristic. While the URLs themselves are currently marked as benign, their sheer volume and structure suggest malicious intent, likely SEO manipulation or distribution of further malicious content. No scripts were extracted from this sample, and the document body was unreadable.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info (ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.