Malicious PDF — malware analysis report

Static analysis result for SHA-256 3ad815331147545f…

MALICIOUS

PDF

Size: 41.1 KB
Created: 2018-12-15 08:09:51 +03:00
Authoring application: TeX (via pdfTeX-0.14f)
MD5: d0373c424ca360ec278448e96ca16c98
SHA-1: e44e9c26ec07d6c03458b35645621d63a6a4cb56
SHA-256: 3ad815331147545f5feced40bd0c0a95c3f08b0062968a6b3abe3ac6e3d54187
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF was flagged by a machine learning classifier and a critical heuristic for containing a large number of external links, suggesting a link farm. These links point to various PDF documents hosted on 'gorillawalker.com', indicating a potential attempt at SEO manipulation or a distribution point for further malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8872

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.