Malicious PDF — malware analysis report

Static analysis result for SHA-256 102796567ad65430…

MALICIOUS

PDF

  • Size: 44.0 KB
  • Created: 2018-11-26 20:03:29 +03:00
  • Authoring application: LaTeX with hyperref package (via pdfeTeX-1.10b)
  • MD5: e8045cbb0c5546ee22075031cd572d4e
  • SHA-1: ea2bb7c6afc007fc9a5f975ddd7d617e842ebcbf
  • SHA-256: 102796567ad65430a72a466455249d92707603c3deac40f64fa154546fbdf27a
  • Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded URLs pointing to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged the document as malicious. The primary purpose appears to be SEO manipulation or potentially distributing further malicious content through these links.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8439

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, heuristic: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, heuristic: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.