Malicious PDF — malware analysis report

Static analysis result for SHA-256 a49872e09a907b41…

MALICIOUS

PDF

Size: 46.7 KB
Created: 2018-11-15 18:31:38 +03:00
Authoring application: LaTeX with hyperref package (via PDFlib PLOP 2.0.0p6 (SunOS)/Acrobat Distiller 5.0.5 (Windows))
MD5: b7b6fbc3b5bad2fa2350e7dca2c905ba
SHA-1: 1ea90a70bc10354ba3f4c2d5fcc0429126f72cff
SHA-256: a49872e09a907b4104887c6c948ee1fbbe5c7a3b6b899067806df2dc8e4fde4a
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The file was detected as a malicious PDF dropper by ClamAV and an ML classifier. It contains multiple external URLs pointing to PDF files, suggesting a lure to download further malicious content. The PDF_URI heuristic specifically identified one such URL, indicating the document's intent to redirect users to external resources.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8527

Heuristics (3)

  • ClamAV: Pdf.Dropper.Agent-7289545-0 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7289545-0
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.