Malicious PDF — malware analysis report

Static analysis result for SHA-256 7af7e558264a4016…

MALICIOUS

PDF

Size: 30.7 KB
Created: 2019-08-07 05:45:35 +03:00
Authoring application: Microsoft Word 8.0 (via Acrobat Distiller 4.0 for Windows)
MD5: 39121bcb01c8d8daa2eee81db252283f
SHA-1: 6af12fa92dc9cfae5ac26e7d3a356a083efa8a99
SHA-256: 7af7e558264a4016e214bb111ca9909e698ee53c98e8a29e85dfa729ca76fa1c
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links, primarily pointing to other PDF files on the domain www.gorillawalker.com. This behavior is indicative of a link farm or a redirection scheme designed to lead users to potentially malicious content. The ML classifier also flagged this PDF as malicious, supporting the suspicious nature of the link farm.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8878

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.