Malicious PDF — malware analysis report

Static analysis result for SHA-256 3753e30be250ee27…

Verdict: MALICIOUS
File type: PDF

Size: 45.7 KB
Created: 2018-11-26 20:07:02 +03:00
Authoring application: Adobe InDesign CS5 (7.0.4) (via Adobe PDF Library 9.9)
MD5: 0f6741a7d33538a8db043b51cc4caef9
SHA-1: 0a0307fa6f870d78861fec78b3aac1518ac20c2e
SHA-256: 3753e30be250ee27f770e956028c87d34b09d9f08d0924b0f90e1dc46f61c5d8
Risk score: 102

Malware Insights

MITRE ATT&CK
  • T1566.001 Phishing: Spearphishing Attachment
  • T1059.001 Command and Scripting Interpreter: PowerShell

The PDF carries a decompressed stream containing script-execution markers, a common technique for staging malicious content inside a document. The document body and heuristics indicate an advance-fee scam lure (lottery/prize language combined with draft/funds and courier wording) designed to get the user to click the embedded links. Those link annotations all point to .pdf paths on a single external host (www.gorillawalker.com); the report assesses them as likely delivery points for a second-stage payload, although static analysis alone does not establish what they serve. The combination of an embedded script payload and an advance-fee lure strongly suggests an intent to deceive the user into downloading further malware.

Heuristics (5)

  • Embedded script payload in PDF stream [high] PDF_EMBEDDED_SCRIPT_PAYLOAD
    PDF stream bytes contain script execution markers such as ActiveXObject/CreateObject, WScript.Shell, PowerShell, or shell-exec primitives. This is a stronger signal than ordinary PDF JavaScript because it indicates a staged external script payload hidden in stream bytes. Caveat: the carved stream in the artifacts section matched a single shell/COM execution token and ClamAV flagged nothing, so confirm from the decompressed stream that the token sits in script rather than in displayed page text before treating it as an execution primitive.
  • Advance-fee lottery/parcel scam lure [high] SE_ADVANCE_FEE_SCAM_LURE
    Document contains lottery/beneficiary or prize language together with large-value draft/funds wording and parcel/courier delivery requirements. This is the classic shape of an advance-fee fraud document.
  • Suspicious extracted artifact [medium] EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • External URI [info] PDF_URI
    PDF contains an external URL action (/URI).
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • http://www.gorillawalker.com/antiheroes-heroes-villains-and-the-fine-line-between-kindle-edition.pdf
    • http://www.gorillawalker.com/urban-economics-and-real-estate-markets.pdf
    • http://www.gorillawalker.com/more-perfect-union-a.pdf
    • http://www.gorillawalker.com/measuring-and-analyzing-informal-learning-in-the-digital-age-advances.pdf
    • http://www.gorillawalker.com/computer-addiction-pb-a-study-of-computer-dependency.pdf
    • http://www.gorillawalker.com/high-tech-low-life-the-art-of-shadowrun.pdf
    • http://www.gorillawalker.com/amitayurdhyana-sutra-the-diamond-sutra-kindle-edition.pdf
    • http://www.gorillawalker.com/vascular-embolotherapy-a-comprehensive-approach-volume-2-oncology-trauma-gene.pdf
    • http://www.gorillawalker.com/9-11-the-ultimate-truth.pdf
    • http://www.gorillawalker.com/experiments-in-modern-physics.pdf
    • http://www.gorillawalker.com/introduction-to-physical-geology-saunders-golden-sunburst-series.pdf
    • http://www.gorillawalker.com/constitutionalism-in-islamic-countries-between-upheaval-and-continuity.pdf
    • http://www.gorillawalker.com/honda-trx300ex-trx400ex-atvs-93-99-haynes-owners-workshop-manual.pdf
    • http://www.gorillawalker.com/the-moment-of-the-magician-spellsinger.pdf
    • http://www.gorillawalker.com/beachbum-berry-s-grog-log.pdf
    • http://www.gorillawalker.com/cunning-folk-and-familiar-spirits-shamanistic-visionary-traditions-in-early.pdf
    • http://www.gorillawalker.com/african-writers-on-african-writing-studies-in-african-literature.pdf
    • http://www.gorillawalker.com/30-days-to-conquer-toeic-vocabulary-chinese-edition.pdf
    • http://www.gorillawalker.com/escape-from-leviathan-libertarianism-without-justificationism.pdf
    • http://www.gorillawalker.com/confronting-urban-legacy-rediscovering-hartford-and-new-england-s-forgotten.pdf
    • http://www.gorillawalker.com/innovative-mental-toughness-training-for-baseball-visualization-techniques-to-reach.pdf
    • http://www.gorillawalker.com/short-cuts-the-screenplay.pdf
    • http://www.gorillawalker.com/world-war-2-soldier-stories-the-untold-stories-of-the.pdf
    • http://www.gorillawalker.com/without-your-courage.pdf
    • http://www.gorillawalker.com/neurotransmitters-in-neuronal-plasticity-and-psychiatric-disorders-proceedings-of-the.pdf
    • http://www.gorillawalker.com/exercises-in-spanish-grammar-exercises-in-spanish-grammar.pdf
    • http://www.gorillawalker.com/a-child-s-guide-to-pictures-original-illustrations-classic-books.pdf
    • http://www.gorillawalker.com/treasury-of-italian-love-poems-quotations-and-proverbs.pdf
    • http://www.gorillawalker.com/trama-de-una-guerra-conveniente-nueva-vizcaya-y-la-sombra.pdf
    • http://www.gorillawalker.com/piloting-seamanship-and-small-boat-handling-1942-edition.pdf
    • http://www.gorillawalker.com/human-physiology-an-integrated-approach-books-a-la-carte-plus.pdf
    • http://www.gorillawalker.com/ling-ling-child-of-china.pdf
    • http://www.gorillawalker.com/phantom-writer-red-rock-mysteries-6.pdf
    • http://www.gorillawalker.com/festival-of-freedom-essays-on-pesah-and-the-haggadah-meotzar.pdf
    • http://www.gorillawalker.com/cracking-the-sat-il-biology-subject-tests-1998-ed-edition.pdf
    • http://www.gorillawalker.com/the-flute-yale-musical-instrument-series.pdf
    • http://www.gorillawalker.com/understanding-hypnosis-and-self-hypnosis.pdf
    • http://www.gorillawalker.com/star-wars-episode-i-jar-jar-binks-18-month-collectible.pdf
    • http://www.gorillawalker.com/script-tease-today-s-hottest-screenwriters-bare-all.pdf
    • http://www.gorillawalker.com/handbook-of-financial-econometrics-and-statistics-4-volume-set.pdf
    The following are XMP/RDF metadata namespace URIs from the document's metadata packet (schema identifiers, not navigable links):
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://www.aiim.org/pdfa/ns/extension/
    • http://www.aiim.org/pdfa/ns/schema#
    • http://www.aiim.org/pdfa/ns/property#
    • http://www.aiim.org/pdfa/ns/id/

Extracted artifacts (1)

Files carved from inside the sample during analysis.

Filename: embedded_pdf_script_00002303.bin
SHA-256: b2468a13f7c423374ce73324a4a1c00b1a2e3511699cae1f49dd07d1df795310
Kind: pdf-embedded-script
Source: PDF decompressed stream, script payload at offset 0x2303
Size: 13484 bytes

Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 1 shell/COM execution token(s).
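The heuristics and the artifacts table above describe the scanner's logic only in prose. As an added example (not the scanner's own code), the following Python re-implements the three signals over a constructed PDF: decode every Flate stream and scan it for the shell/COM execution tokens the PDF_EMBEDDED_SCRIPT_PAYLOAD heuristic names, extract /URI link actions (PDF_URI / EMBEDDED_URL), and carve and SHA-256 each hit using the report's artifact naming. It also adds the check the single-token caveat calls for: a token that sits inside a BT..ET text object is displayed page text, not script, and is not counted as an execution marker. The sample PDF, the token list, the regex-based object walking (a triage parser, not a full PDF parser), and the host lure.example.invalid are all constructed assumptions.

```python
"""Added example: script-token scan, /URI extraction and stream carving over a constructed PDF."""
import hashlib
import re
import zlib

# Script-execution markers named by the PDF_EMBEDDED_SCRIPT_PAYLOAD heuristic.
TOKEN_RE = re.compile(
    rb"ActiveXObject|CreateObject|WScript\.Shell|powershell|cmd\.exe|ShellExecute",
    re.IGNORECASE)
# The "stream" keyword (not the tail of "endstream") and the raw bytes that follow it.
STREAM_RE = re.compile(rb"(?<!end)stream\r?\n(.*?)\r?\nendstream", re.DOTALL)
URI_RE = re.compile(rb"/URI\s*\((.*?)\)")
TEXT_OBJ_RE = re.compile(rb"(?<![A-Za-z])(BT|ET)(?![A-Za-z])")

# Constructed sample content (not from the analysed file): the page text only
# *displays* the word PowerShell; the second stream is actual script.
SAMPLE_PAGE_TEXT = (b"BT /F1 12 Tf 72 700 Td "
                    b"(You have won a lottery prize. Open PowerShell to claim it.) Tj ET")
SAMPLE_SCRIPT = (b'var sh = new ActiveXObject("WScript.Shell");\n'
                 b'sh.Run("powershell.exe -NoProfile");\n')
SAMPLE_URI = b"http://lure.example.invalid/prize.pdf"


def decode_stream(obj_dict: bytes, raw: bytes) -> bytes:
    """Inflate a /FlateDecode stream; other filters are returned as raw bytes."""
    if b"/FlateDecode" not in obj_dict:
        return raw
    try:
        return zlib.decompress(raw)
    except zlib.error:  # truncated or trailing garbage: keep whatever inflates
        return zlib.decompressobj().decompress(raw)


def inside_text_object(blob: bytes, pos: int) -> bool:
    """True when pos lies between BT and ET: page text the viewer draws, not
    script anything executes. This is the usual source of false positives."""
    state = False
    for m in TEXT_OBJ_RE.finditer(blob, 0, pos):
        state = m.group(1) == b"BT"
    return state


def scan_streams(pdf: bytes) -> list[dict]:
    """Decode every stream object, record script tokens with their context and
    carve/hash each hit the way the artifacts table above does."""
    findings = []
    for m in STREAM_RE.finditer(pdf):
        obj_start = pdf.rfind(b" obj", 0, m.start())  # back to the "N G obj" header
        obj_dict = pdf[max(obj_start, 0):m.start()]   # contains /Filter etc.
        decoded = decode_stream(obj_dict, m.group(1))
        tokens = [(t.group(0).decode("latin-1"), inside_text_object(decoded, t.start()))
                  for t in TOKEN_RE.finditer(decoded)]
        if not tokens:
            continue
        offset = m.start(1)  # file offset of the raw stream bytes
        findings.append({
            "artifact": f"embedded_pdf_script_{offset:08x}.bin",  # naming as in the report
            "file_offset": offset,
            "size": len(decoded),
            "sha256": hashlib.sha256(decoded).hexdigest(),
            "tokens": tokens,
            "execution_tokens": sum(1 for _, displayed in tokens if not displayed),  # outside BT..ET only
        })
    return findings


def extract_uris(pdf: bytes) -> list[str]:
    """URLs reachable through /URI actions (the PDF_URI and EMBEDDED_URL signals).
    Scans the raw file; on real samples run it over decoded object streams too."""
    return [u.decode("latin-1") for u in URI_RE.findall(pdf)]


def triage(pdf: bytes) -> dict:
    findings, uris = scan_streams(pdf), extract_uris(pdf)
    return {"streams": findings, "uris": uris, "PDF_URI": bool(uris),
            "PDF_EMBEDDED_SCRIPT_PAYLOAD": any(f["execution_tokens"] for f in findings)}


def _stream_obj(data: bytes) -> bytes:
    comp = zlib.compress(data)
    return b"<< /Length %d /Filter /FlateDecode >>\nstream\n%s\nendstream" % (len(comp), comp)


def build_sample_pdf() -> bytes:
    """Minimal constructed PDF: a page, its content stream, a script stream, a /URI link."""
    objs = [
        b"<< /Type /Catalog /Pages 2 0 R >>",
        b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
        b"<< /Type /Page /Parent 2 0 R /Contents 4 0 R /Annots [6 0 R] >>",
        _stream_obj(SAMPLE_PAGE_TEXT),
        _stream_obj(SAMPLE_SCRIPT),
        b"<< /Type /Annot /Subtype /Link /Rect [72 72 200 100] "
        b"/A << /S /URI /URI (" + SAMPLE_URI + b") >> >>",
    ]
    out = b"%PDF-1.4\n"
    for n, body in enumerate(objs, 1):
        out += b"%d 0 obj\n%s\nendobj\n" % (n, body)
    return out + b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"
```

Calling triage(build_sample_pdf()) reports both streams: the page content stream carries one PowerShell token flagged as displayed text and contributes no execution tokens, while the script stream carries three and trips PDF_EMBEDDED_SCRIPT_PAYLOAD; the one /URI action trips PDF_URI. On a real sample, also run extract_uris and the token scan over decoded object streams (/ObjStm), where link annotations and JavaScript actions often live, and treat the regex object walking as triage rather than parsing.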