Malicious PDF — malware analysis report

Static analysis result for SHA-256 e5f39a2b1d9c4395…

MALICIOUS

PDF

Size: 43.1 KB
Created: 2018-12-03 17:04:25 +03:00
Authoring application: Adobe InDesign CS6 (Macintosh) (via Acrobat Distiller 10.1.12 (Macintosh))
MD5: d8b21b7f7a0bb8c042ed0acc49e4dee5
SHA-1: d7aaefc5da8493dde22b33b3b65fee9a2c8ae83b
SHA-256: e5f39a2b1d9c439514411699b19c017e4dfb1941078b18e13146f5b353689e2d
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious File

The PDF contains a large number of embedded links to external PDF files, as indicated by the PDF_SEO_LINK_FARM heuristic. The ML_NYX_PDF_MALICIOUS heuristic also flagged the document as malicious. The embedded URLs all point to the same domain, suggesting a coordinated effort to distribute content or manipulate search engine results. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9016

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.