Malicious PDF — malware analysis report

Static analysis result for SHA-256 2368b651abae586a…

MALICIOUS

PDF

Size: 42.2 KB
Created: 2018-12-07 18:30:02 +03:00
Authoring application: dvips(k) 5.993 Copyright 2013 Radical Eye Software (via GPL Ghostscript 9.14)
MD5: 9ed21f8817f83f7e69798b5c17d3f21e
SHA-1: 7636d4d8e96b54bbc5b3106041964061a79ddf13
SHA-256: 2368b651abae586ada7c26b729e94894d88f2e0461cc257aa34d5f68553b14a8
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links pointing to other PDF files on the domain www.gorillawalker.com. This behavior is indicative of a link farm, often used for SEO manipulation or to distribute potentially malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8872

Heuristics 2

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.