Malicious PDF — malware analysis report

Static analysis result for SHA-256 a4da2e532e3f0050…

MALICIOUS

PDF

Size: 43.3 KB
Created: 2018-12-15 08:52:48 +03:00
Authoring application: Adobe Illustrator CS3 (via Adobe PDF library 8.00)
MD5: af142b336acfcdac997a8263411c31f0
SHA-1: 11c0cb7cbcba65826bda1ac93c1218cedf0e2961
SHA-256: a4da2e532e3f0050c8290f1de6c82be41a7e68fd0ed1df14516930a7728b3dc6
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file contains a large number of embedded URLs pointing to external PDF documents on the domain 'gorillawalker.com'. This behavior is indicative of a link farm or SEO manipulation tactic, which can be used to distribute malicious content or improve search engine ranking for malicious sites. The ML classifier also flagged this PDF as malicious with a high probability.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9171

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.