Malicious PDF — malware analysis report

Static analysis result for SHA-256 8921b6a29a60d79a…

MALICIOUS

PDF

File size: 40.6 KB
Created: 2018-11-15 19:35:03 +03:00
Authoring application: Arbortext Publishing Engine (via PDFlib+PDI 8.0.2p1 (Win32))
MD5: b2a167c8bd0e80d26a3a9076a5104085
SHA-1: c0df2716eb50904e9dd4cee34401caea508514a5
SHA-256: 8921b6a29a60d79aa7351cc33513ba917cf1567ce65a1d3d6441763880ff7502
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, a technique often used for SEO manipulation or to distribute malware. The ML classifier also flagged this PDF as malicious. No scripts were extracted, but the sheer volume of links suggests an intent to redirect users to potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9181

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.