Malicious PDF — malware analysis report

Static analysis result for SHA-256 def0db92c5793b21…

MALICIOUS

PDF

Size: 49.4 KB
Created: 2019-04-22 02:40:19 +03:00
Authoring application: calibre 0.9.13 [http://calibre-ebook.com]
MD5: 5622bd84fbd849ba59172824dc22ce79
SHA-1: 9cceb3c6cd176cbf840a643a5db94cc768b26bd8
SHA-256: def0db92c5793b21f07368f91f8fb5e49fea66cbdc119856d42712cb021b6435
Risk Score: 102

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment
T1204.002 Malicious File

The heuristic 'SE_ADVANCE_FEE_SCAM_LURE' strongly indicates the document's purpose is to deceive the user with a fake prize or funds. The presence of multiple external URIs, including one explicitly identified as 'PDF_URI', suggests a delivery mechanism for further malicious content or redirection. The ClamAV detection further confirms its malicious nature.

Heuristics 4

  • ClamAV: Pdf.Dropper.Agent-7171765-0 | severity: critical | ID: CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Dropper.Agent-7171765-0
  • Advance-fee lottery/parcel scam lure | severity: high | ID: SE_ADVANCE_FEE_SCAM_LURE
    Document contains lottery/beneficiary or prize language together with large-value draft/funds wording and parcel/courier delivery requirements. This is a classic advance-fee fraud document shape.
  • External URI | severity: info | ID: PDF_URI
    PDF contains an external URL action
  • Embedded URL | severity: info | ID: EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.