Malicious PDF — malware analysis report

Static analysis result for SHA-256 10d26b4a06fbdfaa…

MALICIOUS

PDF

Size: 44.3 KB
Created: 2019-04-11 11:51:31 +03:00
Authoring application: Adobe InDesign CS6 (Windows) (via Adobe PDF Library 10.0.1)
MD5: 29582c581db9dded97424271969b8a89
SHA-1: 17557c680ec5dedc883128e5abb2ce01e6c47e41
SHA-256: 10d26b4a06fbdfaa699518ed4240d0153ba3784bd5e41446f834f302410a2a12
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, as indicated by the 'PDF_SEO_LINK_FARM' heuristic. While no scripts were explicitly extracted, the presence of embedded URLs and the ML classifier's high confidence score suggest malicious intent. The primary goal appears to be directing users to a website hosting numerous PDF documents, potentially for SEO manipulation or to serve as a distribution point for further malicious content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9171

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.