Malicious PDF — malware analysis report

Static analysis result for SHA-256 7e9b4092893882f0…

MALICIOUS

PDF

Size: 42.5 KB
Created: 2018-12-15 08:01:40 +03:00
Authoring application: Adobe InDesign CS5 (7.0.3) (via Adobe PDF Library 9.9)
MD5: 8fb0d7d9a5e4c305cb3d7b16ca7e996b
SHA-1: 7dde8e0fd5e59f6411b8bf6a7136068c51c44328
SHA-256: 7e9b4092893882f0ba8dec9c627013dea91287ae5b610ff06b23ecf187cd4380
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML classifier also flagged the document as malicious. The primary attack pattern appears to be SEO manipulation or a link farm designed to drive traffic to a specific domain, potentially for distributing further malware or engaging in phishing. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9181

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.