Malicious PDF — malware analysis report

Static analysis result for SHA-256 88d88314657c9459…

MALICIOUS

PDF

File size: 33.6 KB
Created: 2020-01-03 21:47:24 +03:00
Authoring application: Acrobat PDFMaker 6.0 for Word (via Acrobat Distiller 6.0 (Windows))
MD5: d9a8098c14b5422856a8906a34b60783
SHA-1: 33f9ec950c72895c6838145556c2a2acab886520
SHA-256: 88d88314657c94593c1b285aec3f175a0073117fb66863ff150e4a325c60a697
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external websites, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML_NYX_PDF_MALICIOUS heuristic also flagged the document as malicious. The embedded URLs are likely used to direct users to potentially harmful content or for SEO spamming purposes.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8313

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.