Malicious PDF — malware analysis report

Static analysis result for SHA-256 92a8ce38ed00b15a…

MALICIOUS

PDF

File size: 42.8 KB
Created: 2019-04-11 13:06:09 +03:00
Authoring application: DVIPSONE 2.2.4 http://www.YandY.com (via Acrobat Distiller 7.0.5 (Windows))
MD5: 68964fe7f313b3dbd4fbcfd92469a380
SHA-1: a8a7fb8968a56439067408a2389ee4d37ca031c4
SHA-256: 92a8ce38ed00b15a1e25f1f8ee0feeec3c0242071572e2f42eb1c3688d3098c4
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'gorillawalker.com'. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. The ML classifier also flagged this PDF as malicious with high confidence.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9181

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.