Malicious PDF — malware analysis report

Static analysis result for SHA-256 0bdbe41de7f7dfc0…

MALICIOUS

PDF

Size: 34.3 KB
Created: 2020-03-12 17:17:43 +03:00
Authoring application: Acrobat Elements 10.0.0 (Windows)
MD5: cdac1debc4ff7732983a4843d9c5e0eb
SHA-1: 848d447525bd3b60c83141dd17b38ca894ea9e51
SHA-256: 0bdbe41de7f7dfc0009f29bef83ead4934bc9308ffd16add464fcde381519ce4
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a significant number of embedded external links, identified by the PDF_SEO_LINK_FARM heuristic. This suggests the document's primary purpose is to act as a link farm, potentially for SEO manipulation or to distribute other content. No scripts were extracted, and the document body was heavily obfuscated, limiting further analysis of intent.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8529

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.