MALICIOUS
60
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF document contains a large number of links to external PDFs, primarily hosted on the domain 'cefasfese.4pu.com'. This heuristic firing suggests a link farm or redirection scheme designed to drive traffic to potentially malicious content. While the document body itself is heavily obfuscated, the presence of numerous links to a single domain is a strong indicator of malicious intent, likely for SEO manipulation or to host malicious payloads disguised as documents. No scripts were extracted from this sample.
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cefasfese.4pu.com/6732732732737735/Ibrahim-Pasha-Grand-Vizir-of-Suleiman-the-Magnificent-by-Hester-Donaldson-Jenkins.pdf
- http://cefasfese.4pu.com/8730738734732737/Ibrahim-Pasha-Grand-Vizir-of-Suleiman-the-Magnificent-by-Hester-Donaldson-Jenkins.pdf
- http://cefasfese.4pu.com/2730736733736730/Four-Princes-Henry-VIII-Francis-I-Charles-V-Suleiman-the-Magnificent-and-the-Obsessions-that-Forged-Modern-Europe-by-John-Julius-Norwich.pdf
- http://cefasfese.4pu.com/8730738734735738/An-Account-of-Monsieur-de-Quesne-s-Late-Expedition-at-Chio-Together-with-the-Negotiation-of-Monsieur-Guilleragues-the-French-Ambassadour-at-the-Port-In-a-Letter-Written-by-an-Officer-of-the-Grand-Vizir-s-to-a-Pacha-Translated-Into-English-1683-by-Daniel-Defoe.pdf
- http://cefasfese.4pu.com/3738736739737735/Hester-on-the-Run-Hester-s-Hunt-for-Home-1-by-Linda-Byler.pdf
- http://cefasfese.4pu.com/4731739730738735/Magnificent-Devices-Bundle-Volume-1-Magnificent-Devices-1-4-by-Shelley-Adina.pdf
- http://cefasfese.4pu.com/2731731737735/Seduction-of-an-English-Beauty-Grand-Passion-on-the-Grand-Tour-2-by-Miranda-Jarrett.pdf
- http://cefasfese.4pu.com/8730738734732738/A-Justi-a-do-Vizir-by-Christian-Jacq.pdf
- http://cefasfese.4pu.com/1734739733732732/Mother-of-the-Believers-by-Kamran-Pasha.pdf
- http://cefasfese.4pu.com/8730738734732733/Setting-a-goal-plan-in-life-in-10-easy-steps-by-Ana-Vizir.pdf
- http://cefasfese.4pu.com/1731730735739734736/The-Elmo-Jenkins-Trilogy-Elmo-Jenkins-1-3-by-McMillian-Moody.pdf
- http://cefasfese.4pu.com/2736738738736732/The-Abyssinian-Proof-Kamil-Pasha-2-by-Jenny-White.pdf
- http://cefasfese.4pu.com/6732734730739733/The-Muslim-Bonaparte-Diplomacy-and-Orientalism-in-Ali-Pasha-s-Greece-by-K-E-Fleming.pdf
- http://cefasfese.4pu.com/2731735730730732/The-Journey-Prize-Stories-22-The-Best-of-Canada-s-New-Writers-by-Pasha-Malla.pdf
- http://cefasfese.4pu.com/8730738734735739/Two-Statesman-of-Mediaeval-Islam-Vizir-Ibn-Hubayra-499-560-Ah-1105-1165-Ad-and-Caliph-an-N-Sir-Li-D-N-All-H-553-622-Ah-1158-1225-Ad-by-Herbert-Mason.pdf
- http://cefasfese.4pu.com/1731730736730735732/Arby-Jenkins-Arby-Jenkins-1-by-Sharon-Hambrick.pdf
- http://cefasfese.4pu.com/6730738734736739/From-Here-I-Can-See-The-End-by-Ibrahim-Yared.pdf
- http://cefasfese.4pu.com/3732737732731730/Katie-by-Mo-Ibrahim.pdf
- http://cefasfese.4pu.com/3734734737738731/Hester-by-Mrs-Oliphant.pdf
- http://cefasfese.4pu.com/6732732732732734/On-the-Hills-of-God-by-Ibrahim-Fawal.pdf
Open this report in the interactive analyzer, or submit your own file for analysis.