Malicious PDF — malware analysis report

Static analysis result for SHA-256 e7844cfc8c422a0a…

MALICIOUS

PDF

Size: 32.3 KB
Created: 2019-05-24 00:42:28 +03:00
Authoring application: - (via pdfTeX-1.0b-pdfcrypt)
MD5: 094ef936004b37e49624bc66c03223ad
SHA-1: 990990e18a962ff0b332234968fc1a0af388a033
SHA-256: e7844cfc8c422a0a50ae7feb07427989abbe886caf5b12fcf4c5e643c75c77ca
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links pointing to external PDF files on the domain 'gorillawalker.com'. This behavior is indicative of a link farm or a redirection scheme designed to drive traffic to numerous resources. The ML classifier also flagged this PDF as malicious, supporting the suspicious nature of the link farm.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8529

Heuristics 2

  • Small PDF contains mass external PDF link farm (severity: critical; rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info; rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.