Pdf.Dropper.Agent-7569492-0 — PDF malware analysis

Static analysis result for SHA-256 963ca7723af3e324…

MALICIOUS

PDF

Size: 33.5 KB
Created: 2020-01-17 19:20:01 +03:00
Authoring application: LaTeX with hyperref and pdfscreen (via Mac OS X 10.5.7 Quartz PDFContext)
MD5: d7d534b208297a5b451679a0a121f027
SHA-1: faec25de97c5019d8f0ed52d51ea6db89d0f0edd
SHA-256: 963ca7723af3e32441009f9c1460b28e00af255c86718ff7e485a79cf5664085
Risk Score: 92

Malware Insights

Pdf.Dropper.Agent-7569492-0 · confidence 95%

MITRE ATT&CK
T1204.002 Malicious File

The file was detected by ClamAV as Pdf.Dropper.Agent-7569492-0 and flagged by an ML classifier as malicious. The PDF contains multiple external URIs pointing to PDF files on the same domain, suggesting it is a dropper intended to lead the user to download and execute further malicious content. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8313

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7569492-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7569492-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.