Pdf.Dropper.Agent-7114133-0 — PDF malware analysis

Static analysis result for SHA-256 256373ae7a65483b…

MALICIOUS

PDF

35.2 KB Created: 2019-07-20 22:37:22 +03:00 Authoring application: Adobe InDesign CS2 (4.0) (via Adobe PDF Library 7.0)
MD5: 462d9bc161b1869422af58ffb7d6867d SHA-1: 999c0c74a832b35931d6bf53a35c3f4f47d3fda1 SHA-256: 256373ae7a65483b58b94249c5c834498bc03bd56d8abf4544c91c17178f3c19
62 Risk Score

Malware Insights

Pdf.Dropper.Agent-7114133-0 · confidence 95%

MITRE ATT&CK
T1059.001 PowerShell

The ClamAV heuristic 'Pdf.Dropper.Agent-7114133-0' strongly indicates this PDF is a dropper. The presence of an external URI pointing to 'http://www.gorillawalker.com/jerk-california.pdf' further supports this, suggesting the PDF's primary function is to redirect the user to download a secondary malicious file. No scripts were extracted, but the PDF structure itself is indicative of a download lure.

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7114133-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7114133-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.gorillawalker.com/jerk-california.pdf
    • http://www.gorillawalker.com/the-future-of-the-global-church-history-trends-and-possiblities.pdf
    • http://www.gorillawalker.com/ghosts-of-flight-401-unsolved-mysteries-raintree-hardcover.pdf
    • http://www.gorillawalker.com/weight-watchers-family-power-5-simple-rules-for-a-healthy.pdf
    • http://www.gorillawalker.com/the-black-man-s-hucow-fertile-interracial-milking-older-man.pdf
    • http://www.gorillawalker.com/the-record-of-a-regiment-of-the-line-being-a.pdf
    • http://www.gorillawalker.com/invisible-chess-moves-discover-your-blind-spots-and-stop-overlooking.pdf
    • http://www.gorillawalker.com/warhammer-fantasy-battle-rulebook-2010-2010.pdf
    • http://www.gorillawalker.com/now-you-know-why-some-succeed-and-others-fail-using.pdf
    • http://www.gorillawalker.com/control-engineering-theory-and-practice.pdf
    • http://www.gorillawalker.com/encyclopedia-of-cold-war-politics-facts-on-file-library-of.pdf
    • http://www.gorillawalker.com/charles-nelson-s-school-of-self-defense-the-red-and.pdf
    • http://www.gorillawalker.com/the-handbook-of-transformative-learning-theory-research-and-practice.pdf
    • http://www.gorillawalker.com/the-contented-toddler-years.pdf
    • http://www.gorillawalker.com/the-5-minute-veterinary-consult-canine-and-feline-pda-5.pdf
    • http://www.gorillawalker.com/iec-60068-2-48-ed-1-0-b-1982-environmental.pdf
    • http://www.gorillawalker.com/good-white-people-the-problem-with-middle-class-white-anti.pdf
    • http://www.gorillawalker.com/pourquoi-lire-les-classiques.pdf
    • http://www.gorillawalker.com/at-her-beck-and-call-part-ii-female-domination-series.pdf
    • http://www.gorillawalker.com/whiter-than-snow-meditations-on-sin-and-mercy-kindle-edition.pdf
    • http://www.gorillawalker.com/introduction-to-vlsi-systems.pdf
    • http://www.gorillawalker.com/budapesti-bringas-terkep-radfahrerkarte-map-for-bikers-hungarian-edition.pdf
    • http://www.gorillawalker.com/timothy-turtle.pdf
    • http://www.gorillawalker.com/el-silencio-interno-spanish-edition.pdf
    • http://www.gorillawalker.com/fm-7-85-ranger-unit-operations-and-soldier-s-handbook.pdf
    • http://www.gorillawalker.com/sam-colby-the-return-book-2.pdf
    • http://www.gorillawalker.com/electronic-projects-for-musicians.pdf
    • http://www.gorillawalker.com/autumn-of-the-spring-chicken-wit-and-wisdom-for-women.pdf
    • http://www.gorillawalker.com/for-whom-the-bell-tolls-hudson-river-edition-series.pdf
    • http://www.gorillawalker.com/the-tropical-sky-maps-of-the-constellations-visible-in-the.pdf
    • http://www.gorillawalker.com/spss-predictive-models.pdf
    • http://www.gorillawalker.com/crock-pot-recipes-crock-pot-recipes-for-supreme-healthy-eating.pdf
    • http://www.gorillawalker.com/year-4-handwriting.pdf
    • http://www.gorillawalker.com/principles-of-auditing-and-other-assurance-services-w-enron-powerweb.pdf
    • http://www.gorillawalker.com/gender-actualized-cases-in-communicatively-constructing-realities.pdf
    • http://www.gorillawalker.com/making-it-in-high-heels-3-innovators-and-trailblazers-unabridged.pdf
    • http://www.gorillawalker.com/doing-qualitative-research-a-comprehensive-guide.pdf
    • http://www.gorillawalker.com/renters-insurance-how-to-insure-kindle-edition.pdf
    • http://www.gorillawalker.com/mustangs-over-korea-the-north-american-f-51-at-war.pdf
    • http://www.gorillawalker.com/introduction-to-estimating-for-construction-kindle-edition.pdf
    • http://www.gorillawalker
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://www.aiim.org/pdfa/ns/extension/
    • http://www.aiim.org/pdfa/ns/schema#
    • http://www.aiim.org/pdfa/ns/property#
    • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.