Malicious PDF — malware analysis report

Static analysis result for SHA-256 3f912d8e34331459…

MALICIOUS

PDF

Size: 44.8 KB
Created: 2018-12-15 08:11:54 +03:00
Authoring application: - (via ABBYY FineReader 11)
MD5: ce1c76ec15579b8371c55a11f5ccd90d
SHA-1: 738d7fb8acc53cdc3ce9f9dcf0eccb46bb29446c
SHA-256: 3f912d8e34331459572df7b42da919067ab47ed8b02e6291a590627b73f3f2b2
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded URLs pointing to PDF files on the domain www.gorillawalker.com. This behavior is indicative of a PDF SEO link farm, a technique often used to manipulate search engine rankings or to distribute a wide variety of potentially malicious content. The ML classifier also flagged the document as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.7914

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.