Malicious PDF — malware analysis report

Static analysis result for SHA-256 b370fd2001ceef20…

MALICIOUS

PDF

41.8 KB
Created: 2018-12-03 17:09:15 +03:00
Authoring application: Adobe InDesign CS4 (6.0.4) (via Adobe PDF Library 9.0)
MD5: b6c2ae43de6a125b88a4e52cfbc2033a
SHA-1: 284046728cda4eb1a64c8476b51d73aca112d36c
SHA-256: b370fd2001ceef20d3f116ac3ba08f8d13bb0bbee98acf438dbd99226eff4d72
92 Risk Score

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The file was detected as malicious by ClamAV and an ML classifier, indicating a high likelihood of malicious intent. The PDF contains numerous embedded URLs pointing to external resources, suggesting a phishing or redirection attempt. No scripts were extracted, and the document body was heavily obfuscated, limiting further analysis of the specific lure.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9181

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7294690-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7294690-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.