Malicious PDF — malware analysis report

Static analysis result for SHA-256 98a07f5a2cbed1bf…

MALICIOUS

PDF

Size: 40.9 KB
Created: 2019-03-19 15:25:41 +03:00
Authoring application: FrameMaker 6.0 (via Acrobat Distiller 6.0.1 for Macintosh)
MD5: 22969d07f8f7fc06faee20d9c86cbd0e
SHA-1: 03153e6bac1464507a9024203b6430e092a4fde8
SHA-256: 98a07f5a2cbed1bfb24fbdc9ba480193be927cad5cf970791e44f632ddc6927d
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of external links, identified by the PDF_SEO_LINK_FARM heuristic, pointing to various PDF documents on the domain www.gorillawalker.com. This suggests a link farm or redirection tactic, likely intended to drive traffic or potentially host malicious content indirectly. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9181

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.