Malicious PDF — malware analysis report

Static analysis result for SHA-256 00df3d7facd2919e…

MALICIOUS

PDF

Size: 34.3 KB
Created: 2019-09-18 00:11:13 +03:00
Authoring application: Data Dynamics ActiveReports (tm) for .NET
MD5: 4150b6cda2d75038c8faf69a74e8b214
SHA-1: ccf968d54d2e000cf1c23b153233214975857ddb
SHA-256: 00df3d7facd2919eba32d573340f1a3665f16bce869c02b15b71bbd330d082ee
Risk Score: 92

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files hosted on the same domain. This behavior is indicative of a link farm, often used for SEO manipulation or to distribute malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8018

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.