Malicious PDF — malware analysis report

Static analysis result for SHA-256 15e4add315feedda…

MALICIOUS

PDF

Size: 42.6 KB
Created: 2019-02-12 18:48:12 +03:00
Authoring application: Adobe InDesign CS4 (6.0.6) (via Mac OS X 10.9.1 Quartz PDFContext)
MD5: eb5cb652f3748263c6741f3538822428
SHA-1: 1d1d7bdd15c21eac6b107fe21b781c9a6a6bde3a
SHA-256: 15e4add315feeddae54a0c10ac0f1046506f773576431732e8dd50b1c28b1671
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO manipulation or to distribute malicious content. The ML classifier also flagged this PDF as malicious. The primary attack pattern observed is the creation of a link farm, likely intended to drive traffic or distribute further payloads.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9027

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] (PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] (EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.