Malicious PDF — malware analysis report

Static analysis result for SHA-256 0b8dcbe10bdd52e3…

MALICIOUS

PDF

Size: 46.4 KB
Created: 2018-12-07 18:27:19 +03:00
Authoring application: - (via Acrobat Distiller 5.0.1 for Macintosh)
MD5: 24c2613bfe19d90340231d14b7d66c3b
SHA-1: 370c4a915c3831922ac49d68ab924c16803e264b
SHA-256: 0b8dcbe10bdd52e395b02a44649a53a705254dfdb44131d3b073bd6bc24edf0b
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'gorillawalker.com'. This behavior is indicative of a link farm or a method to distribute additional malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8518

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] (PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] (EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.