Malicious PDF — malware analysis report

Static analysis result for SHA-256 a596b467708675ad…

MALICIOUS

PDF

Size: 44.1 KB
Created: 2019-05-05 01:56:12 +03:00
Authoring application: - (via Acrobat Distiller 10.1.10 (Windows))
MD5: 299ccfb993c03d7cbecaed03824066c9
SHA-1: c84b591c3a0ef24e2537b10c26f6a11d5237abd5
SHA-256: a596b467708675ade326fffd1b47c3d61278a069f5840ef87b14646235b5ecf1
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious Link

The PDF was flagged by a machine learning classifier and contains a large number of external links, indicating it is likely part of a link farm or SEO spam campaign. The embedded URLs all point to PDF files on the same domain, suggesting a coordinated effort to distribute content or potentially lure users to malicious sites through these links. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8683

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.