Malicious PDF — malware analysis report

Static analysis result for SHA-256 83edb11f9c042a4f…

MALICIOUS

PDF

Size: 40.1 KB
Created: 2018-12-02 10:54:47 +03:00
Authoring application: ABBYY FineReader (via -)
MD5: 9a30598c5a0f9ec3574774ebf9370044
SHA-1: 7790a64a7a9e29e254c2b9e274b04cb17a7b3efe
SHA-256: 83edb11f9c042a4f830bfb9365b1711ca51dea4c14d81eca3a020f1041f25f81
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'gorillawalker.com'. This behavior is indicative of a link farm, often used for SEO manipulation or to distribute potentially malicious content. The ML classifier also flagged this PDF as malicious with a high probability.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8872

Heuristics (2)

  • [critical] Small PDF contains mass external PDF link farm (PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • [info] Embedded URL (EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.