Malicious PDF — malware analysis report

Static analysis result for SHA-256 908832085f1d908d…

MALICIOUS

PDF

  • File size: 47.0 KB
  • Created: 2018-12-14 20:07:12 +03:00
  • Authoring application: ABBYY FineReader 8.0 Professional Edition
  • MD5: bafbab64e5095085a8b633caceb010a9
  • SHA-1: 8c58cfef7df0b8fe10e31bbc7b42e91a8a659646
  • SHA-256: 908832085f1d908da3421783382e1ecd7558fbdac0df38ab5e64957dee821e2d
  • Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF was flagged by a machine learning classifier and contains a large number of embedded external links, indicating a potential SEO manipulation or redirection scheme. The primary heuristic identified a link farm structure, suggesting the document's purpose is to distribute traffic to numerous external URLs, likely for malicious purposes. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8518

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.