Malicious PDF — malware analysis report

Static analysis result for SHA-256 565b190f46f5672c…

MALICIOUS

PDF

42.4 KB Created: 2018-11-14 11:20:29 +03:00 Authoring application: easyPDF Printer Driver 4.3 (via BCL easyPDF 4.30 (0303))
MD5: 85a9ec6daf307ec8eeb575105fa52d39 SHA-1: 4d02b45fe95d22aeb0f4b0683441826219b1b22d SHA-256: 565b190f46f5672c7436d80523a99e8746ad49a1ff6178e57d500f06c401d249
62 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The file is identified as a PDF dropper by ClamAV. It contains an embedded URI pointing to 'http://www.gorillawalker.com/apoptosis-handbook.pdf', which is likely the malicious payload. The document body is heavily obfuscated and does not provide further clues about the specific lure.

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7140479-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7140479-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.gorillawalker.com/apoptosis-handbook.pdf
    • http://www.gorillawalker.com/pathology-of-peripheral-nerves-an-atlas-of-structural-and-molecular.pdf
    • http://www.gorillawalker.com/before-orientalism-london-s-theatre-of-the-east-1576-1626.pdf
    • http://www.gorillawalker.com/family-violence-legal-medical-and-social-perspectives-6th-sixth-edition.pdf
    • http://www.gorillawalker.com/witch-the-true-story-of-las-vegas-most-notorious-female.pdf
    • http://www.gorillawalker.com/an-introduction-to-painting-portraits-style-composition-proportion-mood-light.pdf
    • http://www.gorillawalker.com/the-right-brain-business-plan-a-creative-visual-map-for.pdf
    • http://www.gorillawalker.com/solitude-considered-with-respect-to-its-influence-upon-the-mind.pdf
    • http://www.gorillawalker.com/mizuki-katase-girl-a-japanese-edition.pdf
    • http://www.gorillawalker.com/scottish-artists-1750-1900-from-caledonia-to-the-continent.pdf
    • http://www.gorillawalker.com/surgical-technologist-cool-careers-cherry-lake.pdf
    • http://www.gorillawalker.com/two-burners-and-an-ice-chest-the-art-of-relaxed.pdf
    • http://www.gorillawalker.com/the-oil-shale-industry-1920.pdf
    • http://www.gorillawalker.com/the-book-of-you-and-me.pdf
    • http://www.gorillawalker.com/planting-new-churches-in-a-postmodern-age.pdf
    • http://www.gorillawalker.com/la-forza-del-destino-act-ii-madre-pietosa-vergine-soprano.pdf
    • http://www.gorillawalker.com/essays-on-deleuze.pdf
    • http://www.gorillawalker.com/bimbo-seduction-taboo-bimbo-shifter-erotica.pdf
    • http://www.gorillawalker.com/practice-tips.pdf
    • http://www.gorillawalker.com/veterinary-parasitology-veterinary-series.pdf
    • http://www.gorillawalker.com/the-loaf-and-ladle-cook-book.pdf
    • http://www.gorillawalker.com/the-aeroprint-catalogue-of-aviation-art-prints-5.pdf
    • http://www.gorillawalker.com/powwows-fat-cats-and-other-indian-tales.pdf
    • http://www.gorillawalker.com/divided-loyalties-dividing-line-book-2-dividing-line-series-kindle.pdf
    • http://www.gorillawalker.com/health-healing-and-amuse-system-humor-as-survival-training.pdf
    • http://www.gorillawalker.com/costa-rican-spanish-in-your-pocket-globetrotter-in-your-pocket.pdf
    • http://www.gorillawalker.com/health-care-for-all-history-of-a-third-world-dilemma.pdf
    • http://www.gorillawalker.com/guide-to-california-backroads-4-wheel-drive-trails.pdf
    • http://www.gorillawalker.com/product-design-in-the-sustainable-era.pdf
    • http://www.gorillawalker.com/disaster-and-recovery-planning-a-guide-for-facility-managers-sixth.pdf
    • http://www.gorillawalker.com/hell-on-heels-she-s-the-devils-daughter-looking-to.pdf
    • http://www.gorillawalker.com/finite-math-and-applied-calculus-enhanced-review-edition.pdf
    • http://www.gorillawalker.com/pep-guardiola-another-way-of-winning-the-biography-by-balague.pdf
    • http://www.gorillawalker.com/parcells-autobiography-of-the-biggest-giant-of-them-all.pdf
    • http://www.gorillawalker.com/untying-the-knot-john-mark-byers-and-the-west-memphis.pdf
    • http://www.gorillawalker.com/the-politics-of-possession-property-authority-and-access-to-natural.pdf
    • http://www.gorillawalker.com/lizard-loopy-s-w-i-t-c-h.pdf
    • http://www.gorillawalker.com/germany-and-the-second-world-war-volume-vi-the-global.pdf
    • http://www.gorillawalker.com/the-message-remix-remix-the-new-testament.pdf
    • http://www.gorillawalker.com/the-reference-manual-of-woody-plant-propagation-from-seed-to.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://www.aiim.org/pdfa/ns/extension/
    • http://www.aiim.org/pdfa/ns/schema#
    • http://www.aiim.org/pdfa/ns/property#
    • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.