Malicious PDF — malware analysis report

Static analysis result for SHA-256 8552920b974f6595…

MALICIOUS

PDF

43.7 KB
Created: 2018-12-07 18:28:09 +03:00
Authoring application: Acrobat PDFMaker 10.0 for Word (via Adobe PDF Library 10.0)
MD5: 27ac3fb907e053fe20644adbb5b766ed
SHA-1: d2fcaa682802b985a3d823a6efd28cbe44a88bb1
SHA-256: 8552920b974f659530b000e1c74f07122b957da036e844c4b618dadaa80eee35
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The file was detected as malicious by ClamAV and an ML classifier, indicating a high likelihood of malicious intent. The PDF contains embedded URLs that point to other PDF files, suggesting a lure to download further malicious content. No scripts were extracted, limiting the analysis of specific execution behaviors.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9171

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7214835-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7214835-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.