Malicious PDF — malware analysis report

Static analysis result for SHA-256 f7de3b6cbd8719ca…

MALICIOUS

PDF

15.8 KB Created: 2019-06-04 10:09:45 +01:00 Authoring application: mPDF 5.7
MD5: 95d1f2dbfab6f69fd857b5942f4811b0 SHA-1: ada856f311ba4a30c12280a5fdb807f8e9b7dcd3 SHA-256: f7de3b6cbd8719cad6db2bc8c7cfc243f5e41dcc49acd98066d30444c31ee543
60 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded URLs, indicative of a link farm or a mechanism to distribute further malicious content. The heuristic 'PDF_SEO_LINK_FARM' specifically flags this behavior, suggesting the PDF is designed to manipulate search engine results or redirect users to potentially harmful sites. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://cefasfese.4pu.com/1732733732739736/An-Emergence-Of-Ghosts-Seven-Ghosts---The-BirdOfPrey-Chronicles-2-by-Brian-T-L-Strauss.pdf
    • http://cefasfese.4pu.com/1738737734731736/The-Downside-Ghosts-Unholy-Ghosts-Unholy-Magic-City-of-Ghosts-Downside-Ghosts-1-3-by-Stacia-Kane.pdf
    • http://cefasfese.4pu.com/1735735737734732/City-of-Ghosts-Downside-Ghosts-3-by-Stacia-Kane.pdf
    • http://cefasfese.4pu.com/6732738737738733/Ghosts-Apparitions-and-Poltergeists-An-Exploration-of-the-Supernatural-Through-History-by-Brian-Righi.pdf
    • http://cefasfese.4pu.com/3734732737732738/Old-Ghosts-by-Nik-Korpon.pdf
    • http://cefasfese.4pu.com/3738731733734732/Zen-Ghosts-by-Jon-J-Muth.pdf
    • http://cefasfese.4pu.com/1739734735735735/The-Ghosts-by-Antonia-Barber.pdf
    • http://cefasfese.4pu.com/4736734736736738/The-Philosophy-of-Ghosts-by-Sam-Tepes.pdf
    • http://cefasfese.4pu.com/1731734733735738/This-Game-of-Ghosts-by-Joe-Simpson.pdf
    • http://cefasfese.4pu.com/4733736739734732/Ghosts-of-Coronado-Bay-by-J-G-Faherty.pdf
    • http://cefasfese.4pu.com/9734736732737734/The-Ghosts-of-Galway-by-Ken-Bruen.pdf
    • http://cefasfese.4pu.com/4732735733734739/House-of-Ghosts-by-Ann-Turnbull.pdf
    • http://cefasfese.4pu.com/6731735737739730/Old-Ghosts-by-Sean-Michael.pdf
    • http://cefasfese.4pu.com/4732731739730730/Ghosts-of-Babylon-by-R-A-Mathis.pdf
    • http://cefasfese.4pu.com/1739732733737733/Heroes-amp-Ghosts-by-S-A-Payne.pdf
    • http://cefasfese.4pu.com/2733736737/Ghosts-by-Tess-McLennan.pdf
    • http://cefasfese.4pu.com/3738736737733735/Chasing-Ghosts-by-Lee-Driver.pdf
    • http://cefasfese.4pu.com/3735737733739/Ghosts-by-Raina-Telgemeier.pdf
    • http://cefasfese.4pu.com/4731738739735733/Between-Ghosts-by-Garrett-Leigh.pdf
    • http://cefasfese.4pu.com/1739739735731739/Simone-s-Ghosts-by-Roberta-L-Smith.pdf
    • http://cefasfese.4pu.com/4736734736736

Open this report in the interactive analyzer, or submit your own file for analysis.