Malicious PDF — malware analysis report

Static analysis result for SHA-256 1e846a91bf8e1f23…

MALICIOUS

PDF

Size: 41.7 KB
Created: 2018-12-28 08:08:45 +03:00
Authoring application: Acrobat PDFMaker 9.1 for Word (via Adobe PDF Library 9.0)
MD5: 80b7e70b04e2691cd971f417d758a227
SHA-1: fd5409445f2a87cdc5e5f1608e3864d909440daa
SHA-256: 1e846a91bf8e1f23f8b37d6ea697076fd648a666094114ef97aca50e322caedb
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF was flagged by a critical heuristic for containing a large number of external links, which suggests a link farm or SEO manipulation tactic. The ML classifier also indicated a high probability of maliciousness. Although no scripts were extracted, the sheer volume of links points to malicious intent, most likely redirecting users to compromised or malicious sites.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9181

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.