Malicious PDF — malware analysis report

Static analysis result for SHA-256 929d19d26fc651f5…

MALICIOUS

PDF

File size: 44.2 KB
Created: 2018-11-15 18:32:05 +03:00
Authoring application: AH XSL Formatter V6.2 MR5 for Windows (x64) : 6.2.7.18952 (via Antenna House PDF Output Library 6.2.625 (Windows (x64)))
MD5: 3bd776fa65b69ee32fae40f8f83942c3
SHA-1: 03c94f463a41f5ffeed6ff22d3af0c42bf359c7a
SHA-256: 929d19d26fc651f5a3c1272ce2f983d36a7accc4d668e7f5b725d1fa554d3e01
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file was flagged for containing a large number of external links, forming a link farm. While no malicious scripts were extracted, the sheer volume of links to PDFs on a single domain suggests a potential for hosting malicious content or engaging in SEO manipulation. The likely attack pattern is to lure users into clicking these links, potentially leading to further compromise.

Heuristics 2

  • Small PDF contains mass external PDF link farm (critical, PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.