Malicious PDF — malware analysis report

Static analysis result for SHA-256 a06d8e9e2fd3a64e…

MALICIOUS

PDF

Size: 40.8 KB
Created: 2018-11-30 20:09:03 +03:00
Authoring application: LaTeX with hyperref package (via pdfTeX-1.40.4)
MD5: 87e32ab5ca76be49bcfa16c350bb0753
SHA-1: 3b2bed958f76360c787aba3dbf852f0274134859
SHA-256: a06d8e9e2fd3a64e2b68e6334744db781dee3e0a6bf09f02f84ec02088c4a4c9
Risk score: 60

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1204.002 Malicious Link

The PDF contains a large number of embedded links to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The document body is heavily obfuscated and does not provide clear textual content, but the presence of numerous links suggests malicious intent, possibly SEO manipulation or the distribution of further malicious content. No scripts were extracted from this sample.

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.