Pdf.Dropper.Agent-7210756-0 — PDF malware analysis

Static analysis result for SHA-256 30f8a97b2b7cc06e…

MALICIOUS

PDF

43.2 KB
Created: 2018-11-23 21:03:32 +03:00
Authoring application: GPL Ghostscript 8.64 (via Adobe PDF Library 8.0)
MD5: 828f6d453e96f1da4540c1f8b463bd37
SHA-1: 6f7dfce0a4464b1fadcb9dce9b323ffbc986230e
SHA-256: 30f8a97b2b7cc06e5bd1f1b0289b5e8f0e73c2c90ae45469e7c3e5e261982e6c
Risk Score: 62

Malware Insights

Pdf.Dropper.Agent-7210756-0 · confidence 95%

MITRE ATT&CK
  • T1059.001 PowerShell
  • T1204.002 Malicious Link

The file was identified as malicious by ClamAV with the signature Pdf.Dropper.Agent-7210756-0. Static analysis revealed multiple embedded URLs pointing to PDF documents on the domain gorillawalker.com. These URLs are likely used to host and deliver secondary malicious payloads or to phish for user credentials. The presence of these external links strongly suggests a dropper or downloader attack pattern.

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7210756-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7210756-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.