MALICIOUS
92
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF file contains an embedded URI pointing to an external PDF document. The ML classifier flagged this PDF as malicious with a high probability. The presence of an embedded JavaScript file suggests an attempt to execute code, likely to facilitate the download of the linked content or a further payload. The document body itself is heavily obfuscated and does not provide clear textual lures.
Machine Learning
- Nyx PDF Classifier malicious score 0.8856
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.gorillawalker.com/corporate-finance-and-governance.pdf In PDF document text
- http://www.gorillawalker.com/el-museo-de-la-inocencia-the-museum-of-innocence-spanish.pdfIn PDF document text
- http://www.gorillawalker.com/medianoche-en-marble-arch-spanish-edition.pdfIn PDF document text
- http://www.gorillawalker.com/the-waterloo-archive-volume-v.pdfIn PDF document text
- http://www.gorillawalker.com/the-big-bang-third-edition.pdfIn PDF document text
- http://www.gorillawalker.com/wish-upon-a-star-a-falling-star-to-wish-upon.pdfIn PDF document text
- http://www.gorillawalker.com/the-voyages-of-joshua-slocum-special-anniversary-edition.pdfIn PDF document text
- http://www.gorillawalker.com/data-structures-outside-in-with-java.pdfIn PDF document text
- http://www.gorillawalker.com/dieta-de-la-super-energia.pdfIn PDF document text
- http://www.gorillawalker.com/agriculture-302-success-secrets-302-most-asked-questions-on-agriculture.pdfIn PDF document text
- http://www.gorillawalker.com/to-sleep-perchance-to-die.pdfIn PDF document text
- http://www.gorillawalker.com/homemade-laundry-soap-supplies-easy-diy-household-recipes-for-laundry.pdfIn PDF document text
- http://www.gorillawalker.com/how-to-prepare-a-research-proposal-guidelines-for-funding-and.pdfIn PDF document text
- http://www.gorillawalker.com/by-various-2015-antique-maps-wall-calendar-wal-calendar.pdfIn PDF document text
- http://www.gorillawalker.com/the-corpse-in-the-cellar-and-further-tales-of-cleveland.pdfIn PDF document text
- http://www.gorillawalker.com/usmle-step-2-ck-qbook-usmle-prep.pdfIn PDF document text
- http://www.gorillawalker.com/nim-chimpsky-the-chimp-who-would-be-human.pdfIn PDF document text
- http://www.gorillawalker.com/mixed-signal-circuits-devices-circuits-and-systems.pdfIn PDF document text
- http://www.gorillawalker.com/specks.pdfIn PDF document text
- http://www.gorillawalker.com/talking-turkeys.pdfIn PDF document text
- http://www.gorillawalker.com/mars-vol-11.pdfIn PDF document text
- http://www.gorillawalker.com/the-project-to-live-why-people-do-what-they-do.pdfIn PDF document text
- http://www.gorillawalker.com/afghanistan-how-the-west-lost-its-way.pdfIn PDF document text
- http://www.gorillawalker.com/guide-to-the-coastal-towns-of-new-england.pdfIn PDF document text
- http://www.gorillawalker.com/the-golden-bough-cambridge-library-collection-classics-volume-5.pdfIn PDF document text
- http://www.gorillawalker.com/new-york-s-50-best-places-to-eat-southern-where.pdfIn PDF document text
- http://www.gorillawalker.com/your-favorite-foods-paleo-style-part-2-and-paleo-vitamix.pdfIn PDF document text
- http://www.gorillawalker.com/250-classic-rap-quotes-kindle-edition.pdfIn PDF document text
- http://www.gorillawalker.com/holy-ignorance-when-religion-and-culture-part-ways.pdfIn PDF document text
- http://www.gorillawalker.com/empire-furniture-in-italy.pdfIn PDF document text
- http://www.gorillawalker.com/public-choice-a-primer-iea-occasional-papers.pdfIn PDF document text
- http://www.gorillawalker.com/test-your-endgame-thinking-everyman-chess.pdfIn PDF document text
- http://www.gorillawalker.com/life-on-the-autism-spectrum-a-guide-for-girls-and.pdfIn PDF document text
- http://www.gorillawalker.com/corrupting-the-image-angels-aliens-and-the-antichrist-revealed.pdfIn PDF document text
- http://www.gorillawalker.com/cal-99-365-days-of-black-history.pdfIn PDF document text
- http://www.gorillawalker.com/liquid-phase-epitaxial-growth-of-iii-v-compound-semiconductor-materials.pdfIn PDF document text
- http://www.gorillawalker.com/jake-s-list.pdfIn PDF document text
- http://www.gorillawalker.com/w-amadeus-mozart-pictogramas-en-la-historia-de-spanish-edition.pdfIn PDF document text
- http://www.gorillawalker.com/staging-the-court-of-burgundy-studies-in-medieval-and-early.pdfIn PDF document text
- http://www.gorillawalker.com/east-and-west-of-jordan.pdfIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_000_off00000209.js |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x209 | 13957 bytes |
SHA-256: c7551a0acdf612da3cc991cee0287c1ad2ddb715065a392279ee5c167175b977 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.