Malicious PDF — malware analysis report

Static analysis result for SHA-256 85e4daeaaa3e6c90…

MALICIOUS

PDF

Size: 42.9 KB
Created: 2019-03-17 04:31:51 +03:00
Authoring application: - (via Acrobat Web Capture 8.0)
MD5: 501a73abf5b070a530bfe516bcee8c1e
SHA-1: a2e72e4dee01cdc5682eaabcd4e9a57abd51d988
SHA-256: 85e4daeaaa3e6c905888212641db5b4e33972bf346dcc23e8460ea5d5013438b
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded external links to other PDF documents hosted on the same domain. This behavior is indicative of a link farm, often used for SEO manipulation or to distribute malicious content. The ML classifier also flagged this PDF as malicious.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8872

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.