Malicious PDF — malware analysis report

Static analysis result for SHA-256 5f9cdc5041760a06…

MALICIOUS

PDF

Size: 30.9 KB
Created: 2019-12-29 00:46:55 +03:00
Authoring application: - (via Acrobat Distiller 7.0.5 (Windows))
MD5: 24ac06a8ca845fc9fb816ef56312d4f7
SHA-1: 0a65dab2e9df5fcb641c7afbfed32908bd642324
SHA-256: 5f9cdc5041760a06f5881819e31b6ccea3b91a887fc8a77b807dc9999a3133ea
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF document was flagged for containing a large number of external links, a technique often used for SEO manipulation or to redirect users to malicious sites. While no scripts were extracted, the sheer volume of links suggests a malicious intent to leverage these external resources. The ML classifier also indicated a high probability of maliciousness.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.7790

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.