Malicious PDF — malware analysis report

Static analysis result for SHA-256 ddb7e6861f5f6697…

MALICIOUS

PDF

45.8 KB
Created: 2018-11-30 20:56:09 +03:00
Authoring application: - (via Adobe Acrobat 10.0 Paper Capture Plug-in)
MD5: 349a28aa259aaddddeca4ef147ce0d24
SHA-1: 63721d232045e280944ee28a36fb43f389148cd8
SHA-256: ddb7e6861f5f6697678ca9fbf899a09f65746a8bdacc8d84b55ad2efa9f128a8
Risk Score: 92

Malware Insights

MITRE ATT&CK
T1059.001 PowerShell

The PDF contains an embedded URI pointing to a suspicious URL, which is a common technique for delivering malicious content. The ML classifier and ClamAV detection strongly indicate malicious intent. The embedded URL is likely intended to serve as a lure for downloading a secondary malicious payload.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8396

Heuristics 3

  • ClamAV: Pdf.Dropper.Agent-7313313-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7313313-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.