Malicious PDF — malware analysis report

Static analysis result for SHA-256 743484760896ff71…

MALICIOUS

PDF

40.0 KB Created: 2018-12-15 08:09:50 +03:00 Authoring application: Adobe Acrobat Pro 11.0.18 (via Adobe PDF Library 11.0)
MD5: 265c924619b8c1669e31fa4cabb0a7e2 SHA-1: 625bf5176ecbc5b65a68a7a607eb76f3f4d8e507 SHA-256: 743484760896ff71fdace00876e6c6fd107286fa69671c51973a186b55a2986e
92 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a significant number of embedded links to external PDF files hosted on the same domain. This behavior is indicative of a link farm or SEO manipulation tactic, often used to distribute malicious content or engage in phishing. While no scripts were explicitly extracted, the PDF structure and embedded URLs strongly suggest a malicious intent to redirect users or influence search results.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9526

Heuristics 2

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.gorillawalker.com/boystown-2-three-more-nick-nowak-mysteries-boystown-mysteries-volume.pdf
    • http://www.gorillawalker.com/serene-gardens-creating-japanese-design-and-detail-in-the-western.pdf
    • http://www.gorillawalker.com/exercises-for-weather-climate-8th-edition.pdf
    • http://www.gorillawalker.com/the-costumes-of-the-various-tribes-portraits-of-ladies-of.pdf
    • http://www.gorillawalker.com/just-married-romance.pdf
    • http://www.gorillawalker.com/sent-into-the-lord-s-vineyard-explorations-in-the-jesuit.pdf
    • http://www.gorillawalker.com/havasupai-legends-religion-and-mythology-of-the-havasupai-indians-of.pdf
    • http://www.gorillawalker.com/buddhist-and-taoist-studies-asian-studies-at-hawaii-no-18.pdf
    • http://www.gorillawalker.com/physics-for-scientists-and-engineers-chs-1-37-with-masteringphysics.pdf
    • http://www.gorillawalker.com/the-sheep-lands-of-northern-wisconsin.pdf
    • http://www.gorillawalker.com/movie-star-bimbo-bimbofication-futa-on-female-book-3.pdf
    • http://www.gorillawalker.com/los-7-pasos-del-perdon-spanish-edition.pdf
    • http://www.gorillawalker.com/roadside-america-365-days.pdf
    • http://www.gorillawalker.com/glass-in-the-modern-world-a-study-in-materials-development.pdf
    • http://www.gorillawalker.com/vorgesetztenbeurteilung-im-rahmen-eines-360-feedback-german-edition.pdf
    • http://www.gorillawalker.com/in-denmark-it-could-not-happen-the-flight-of-the.pdf
    • http://www.gorillawalker.com/nachhaltige-unternehmensf-hrung-grundz-ge-industriellen-umweltmanagements-springer-lehrbuch-german.pdf
    • http://www.gorillawalker.com/issues-in-feminist-film-criticism-a-midland-book.pdf
    • http://www.gorillawalker.com/the-physiological-basis-of-metabolic-bone-disease.pdf
    • http://www.gorillawalker.com/ageing-gender-and-illness-in-anglophone-literature-narrating-age-in.pdf
    • http://www.gorillawalker.com/the-essentials-of-financial-analysis.pdf
    • http://www.gorillawalker.com/game-zone.pdf
    • http://www.gorillawalker.com/the-encyclopedia-of-one-liner-comedy.pdf
    • http://www.gorillawalker.com/wisdom-the-midway-albatross-surviving-the-japanese-tsunami-and-other.pdf
    • http://www.gorillawalker.com/medical-anthropology-contemporary-theory-and-method.pdf
    • http://www.gorillawalker.com/invisible-embrace-book-3-kelly-mcallister-the-kelly-mcallister-novels.pdf
    • http://www.gorillawalker.com/bioceramics-volumes-6-7-and-8-3-volume-set-vol.pdf
    • http://www.gorillawalker.com/four-discourses-of-chrysostom.pdf
    • http://www.gorillawalker.com/did-jesus-teach-salvation-by-works-the-role-of-works.pdf
    • http://www.gorillawalker.com/blessed-friction.pdf
    • http://www.gorillawalker.com/microsoft-visual-basic-2008-introductory-concepts-and-techniques-shelly-cashman.pdf
    • http://www.gorillawalker.com/psicologia-del-deporte-spanish-edition.pdf
    • http://www.gorillawalker.com/museum-administration-an-introduction-american-association-for-state-and-local.pdf
    • http://www.gorillawalker.com/fundamentals-of-children-s-services-ala-fundamentals.pdf
    • http://www.gorillawalker.com/the-chamberlain-calendar-of-french-cooking-for-engagements-1960-week.pdf
    • http://www.gorillawalker.com/fodor-s-canada-s-atlantic-provinces-new-brunswick-nova-scotia.pdf
    • http://www.gorillawalker.com/sesame-subjects-my-first-book-about-fish-sesame-street.pdf
    • http://www.gorillawalker.com/uncensored-women-6-uncensored-women-adult-erotic-picture-book.pdf
    • http://www.gorillawalker.com/set-apart-women-s-bible-study-leader-guide-holy-habits.pdf
    • http://www.gorillawalker.com/neurological-eponyms.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://www.aiim.org/pdfa/ns/extension/
    • http://www.aiim.org/pdfa/ns/schema#
    • http://www.aiim.org/pdfa/ns/property#
    • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.