Malicious PDF — malware analysis report

Static analysis result for SHA-256 da7068ec94f5935f…

MALICIOUS

PDF

Size: 44.4 KB
Created: 2018-11-30 20:56:46 +03:00
Authoring application: Word (via Mac OS X 10.10.5 Quartz PDFContext)
MD5: 9c55b51d17aeec933f27b4f005663bae
SHA-1: f8534d776ec3aaefc6161a0816a5ac12de3dabee
SHA-256: da7068ec94f5935f670fba51f660b58cad05a5d991133b518412b43c6f90ce72
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF file contains a large number of embedded links pointing to external PDF documents on the domain 'gorillawalker.com'. This behavior is indicative of a link farm or a redirection scheme, likely intended to drive traffic or potentially host malicious content. The ML classifier also flagged this PDF as malicious with a high probability.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9016

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.