Malicious PDF — malware analysis report

Static analysis result for SHA-256 8c03dfe7067481ef…

MALICIOUS

PDF

File size: 43.7 KB
Created: 2018-11-23 08:00:40 +03:00
Authoring application: - (via Acrobat Web Capture 8.0)
MD5: f7634c6a5d8bb75e8b90c9e74a185411
SHA-1: bb88e339822918e48c208c6aa68eb0fb5e8d5716
SHA-256: 8c03dfe7067481ef66bd48030ef33a71b8c121b2f4c4d40945ad3bcf708c3a55
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded URLs pointing to external PDF files, a technique often used for SEO poisoning or to distribute malicious content. The ML classifier also flagged this PDF as malicious. The primary attack pattern observed is the creation of a link farm designed to direct users to potentially harmful content.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9171

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.