Malicious PDF — malware analysis report

Static analysis result for SHA-256 1d13dd4174a12377…

MALICIOUS

PDF

Size: 44.5 KB
Created: 2019-04-08 09:01:00 +03:00
Authoring application: Acrobat Distiller 7.0.5 (Windows)
MD5: 5b7fe64a79f3e004e99a8263ee68bea1
SHA-1: 711febea10f30862a47bd9adfab0d5bb1d90a061
SHA-256: 1d13dd4174a12377274048e8488ca070a8810a46086e0f748188f0ebb7026988
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file was flagged by a machine learning classifier as malicious. It contains a large number of embedded external links, characteristic of SEO spam or link farms designed to redirect users to potentially harmful websites. The heuristic 'PDF_SEO_LINK_FARM' specifically identifies this behavior, indicating a likely attempt to manipulate search engine results or distribute malicious content through a large volume of links.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8439

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; heuristic: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; heuristic: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.