Malicious PDF — malware analysis report

Static analysis result for SHA-256 8cf59f7cd6469649…

MALICIOUS

PDF

Size: 33.5 KB
Created: 2019-05-24 00:41:49 +03:00
Authoring application: Adobe PageMaker 7.0 (via Acrobat Distiller 5.0.5 (Windows))
MD5: 72eef49137e71b246baa55135351b26a
SHA-1: 20ad51bff86f2c7f200d2bfae06170aa34cf4803
SHA-256: 8cf59f7cd6469649e3f317de81c3e3496eca310f53edcd58916eeec0c6b3d88e
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF document was flagged by a machine learning classifier and contains a large number of embedded external links. The heuristic 'PDF_SEO_LINK_FARM' indicates that the PDF is designed to host a mass of external links, likely to manipulate search engine rankings or to serve as a distribution point for further malicious content. The presence of 32 such links suggests a coordinated effort to leverage these external resources. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8529

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.