Malicious PDF — malware analysis report

Static analysis result for SHA-256 b6439749cdb8fd74…

MALICIOUS

PDF

File size: 35.4 KB
Created: 2019-11-21 08:27:48 +03:00
Authoring application: - (via htmldoc 1.8.23 Copyright 1997-2002 Easy Software Products, All Rights Reserved.)
MD5: ef340abda9294c6a4ed935c7c0f4a7fe
SHA-1: b11154fad2399feb8afde1ebfe55ab4dfc0afe84
SHA-256: b6439749cdb8fd74c37243c036d361e1aebdefec6c63f94a7f4fb21d33e06bd3
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF was flagged for containing a large number of external links, a technique often used for SEO manipulation or to distribute malicious content. The ML classifier also indicated a high probability of maliciousness. No scripts were extracted, and the document body was unreadable, limiting further analysis of the specific lure.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8255

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.