Malicious PDF — malware analysis report

Static analysis result for SHA-256 14beb645deab089e…

MALICIOUS

PDF

Size: 33.9 KB
Created: 2019-05-26 11:49:10 +03:00
Authoring application: Adobe Illustrator CS2 (via Adobe PDF library 7.77)
MD5: b780cdd136a79e826a3284310082ccfb
SHA-1: 06bbe8c42872748944876be0fbf19efe99712f0a
SHA-256: 14beb645deab089ed50f2b348fe5fa0a2274625f7125d17e4b3decc82f73fde7
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'gorillawalker.com'. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this PDF as malicious with a high probability.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.8529

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.