Malicious PDF — malware analysis report

Static analysis result for SHA-256 eb1237fc34f7b72e…

MALICIOUS

PDF

Size: 41.8 KB
Created: 2018-11-14 08:37:19 +03:00
Authoring application: Adobe Acrobat 8.13 (via Adobe Acrobat 8.13 Image Conversion Plug-in)
MD5: 87c1630673a80b59d0266e1084c6ba19
SHA-1: d0c9a88c40c96dd18773129c57150a9b374aefd3
SHA-256: eb1237fc34f7b72e3da3a8036c15693319f7a79319dc9e1729f248d68dd2601d
Risk Score: 60

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.001 PowerShell

The PDF file contains a large number of embedded links to external PDF documents, a technique often used for SEO manipulation or to distribute malicious content. The heuristic 'PDF_SEO_LINK_FARM' indicates a mass external link farm with 32 links, primarily hosted on 'www.gorillawalker.com'. While no scripts were extracted, the sheer volume of links suggests a potential for distributing further malware or phishing content, making it a likely component of a larger attack chain.

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, ID: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.