Malicious PDF — malware analysis report

Static analysis result for SHA-256 4729793550d7193d…

MALICIOUS

PDF

Size: 34.1 KB
Created: 2019-12-14 05:49:03 +03:00
Authoring application: Acrobat PDFMaker 11 for Word (via Adobe PDF Library 11.0)
MD5: e311813958f634efad8c5300b66a597f
SHA-1: d967ba9183f8867a83892dc71413ef2b5a14205f
SHA-256: 4729793550d7193d4f1b33f3f101c9a7e51191e1c0ea90400bb3b7fa0733e35f
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of external links, identified by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged this PDF as malicious. The embedded URLs point to various PDF documents hosted on the same domain, suggesting a link farm or content distribution network. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8015

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.