Malicious PDF — malware analysis report

Static analysis result for SHA-256 f20cc7ece389f2ec…

MALICIOUS

PDF

15.8 KB Created: 2020-03-14 00:22:50 +00:00 Authoring application: mPDF 5.7
MD5: 5eb71baeaf18b7ae75aa19970056083e SHA-1: 0151e30510f5a79be6f465f7fd4df74a86f70114 SHA-256: f20cc7ece389f2eced662ae73d6d323c07b9d5b062233d9f71442502301cf965
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a heuristic firing for a PDF SEO link farm, indicating a large number of embedded external links. The document body is unreadable, but the embedded URLs point to adult-themed content hosted on the domain 'calistazz.myhome.cx'. This suggests the PDF is being used as a lure to direct users to potentially malicious or unwanted websites.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://calistazz.myhome.cx/5867864866866866/Punished-Properly---Seduction-Spanking-Restraints-BDSM-Erotica-by-BDSM-BDSM.pdf
    • http://calistazz.myhome.cx/1867861863861860/Punished-Andr-Chevalier-BDSM-Stories-4-by-Nikki-Sex.pdf
    • http://calistazz.myhome.cx/5867864867865860/Punished-at-the-Platinum-Society-Working-for-the-Secret-BDSM-Club-by-Alicia-Roberts.pdf
    • http://calistazz.myhome.cx/3863861860868862/Pretty-When-You-Cry-BDSM-Erotica-Short-Stories-by-Keith-Anderson.pdf
    • http://calistazz.myhome.cx/4862865863867861/Secretary-in-Bondage-An-Erotica-Tale-of-BDSM-and-Domination-by-Anne-Hedonia.pdf
    • http://calistazz.myhome.cx/7861863865865868/Given-By-My-Master-to-the-Strangers-A-BDSM-Training-Erotica-Story-by-Carmen-Sprite.pdf
    • http://calistazz.myhome.cx/4860862864869860/Stripped-Paddled-and-Bound-a-nearly-free-gay-BDSM-voluntary-hazing-erotica-by-Layla-Lewis.pdf
    • http://calistazz.myhome.cx/2869868869868864/The-Black-Unicorn-BDSM-Erotica-Black-Unicorn-Ranch-Book-1-by-Anonymous.pdf
    • http://calistazz.myhome.cx/5867864867865863/C-is-for-BDSM-Checklist-3-by-L-DuBois.pdf
    • http://calistazz.myhome.cx/5867864867865861/Everything-BDSM-by-Abbey-Pointer.pdf
    • http://calistazz.myhome.cx/5867864866867860/The-ABC-s-of-BDSM-by-Dama-deNoche.pdf
    • http://calistazz.myhome.cx/1860862861867865868/Die-Sklaven-BDSM-by-Lola-Hammerfeld.pdf
    • http://calistazz.myhome.cx/5867864868862869/BDSM-Lifestyles-by-John--Smith.pdf
    • http://calistazz.myhome.cx/7861869867865860/Der-Job---Eins-BDSM-Roman-by-Mirador.pdf
    • http://calistazz.myhome.cx/1861869864860861862/Die-Sex-Entf-hrung-Gay-BDSM-by-Marc-Andr-.pdf
    • http://calistazz.myhome.cx/5867864868862864/BDSM-Trilogy-by-Elaine-Shuel.pdf
    • http://calistazz.myhome.cx/5867864866868863/Keep-Me-A-BDSM-Romance-by-Cate-Bellerose.pdf
    • http://calistazz.myhome.cx/1867867866864866/BDSM-Billionaire-by-Lady-Aingealicia.pdf
    • http://calistazz.myhome.cx/4864869865869860/BDSM-Volume-1-by-The-Grey-Knight.pdf
    • http://calistazz.myhome.cx/7864868866865862/BDSM---Sex-und-Rock-n-Roll-by-Joe-Gessler.pdf
    • http://calistazz.myhome.cx/4860862864869860/Stripped-Paddled-and-Bound-a-nearly

Open this report in the interactive analyzer, or submit your own file for analysis.