Malicious PDF — malware analysis report

Static analysis result for SHA-256 14a8ee38ae690299…

MALICIOUS

PDF

Size: 41.6 KB
Created: 2018-12-05 08:16:12 +03:00
Authoring application: TeX (via MiKTeX pdfTeX-1.40.9)
MD5: 3bef50bb82c4aa3a0f9ad0dc5a7fddd0
SHA-1: ce2d3cfedc8238898fe6cd3ce440222848ecdc44
SHA-256: 14a8ee38ae690299199843d27efc051ba524d6f8e4436c89669feff5d8b2ed08
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, identified by the PDF_SEO_LINK_FARM heuristic. While no scripts were explicitly extracted, the ML_NYX_PDF_MALICIOUS classifier indicates malicious intent. The embedded URLs suggest a tactic to manipulate search engine results or distribute potentially malicious documents.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9027

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.