MALICIOUS
92
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 PowerShell
The PDF contains an external URI pointing to a PDF file on www.gorillawalker.com. The ML classifier flagged this PDF as malicious with a high probability. The document body is heavily obfuscated and does not provide clear textual clues, but the presence of the external URI suggests a download lure. No scripts were extracted from this sample.
Machine Learning
- Nyx PDF Classifier malicious score 0.8447
Heuristics 2
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.gorillawalker.com/independence-day-holiday-histories-sagebrush.pdf In PDF document text
- http://www.gorillawalker.com/hanson-shout-it-out-piano-vocal-and-guitar.pdfIn PDF document text
- http://www.gorillawalker.com/apuntes-sobre-historia-de-la-republica-oriental-de-uruguay-tercera.pdfIn PDF document text
- http://www.gorillawalker.com/change-of-fortune-a.pdfIn PDF document text
- http://www.gorillawalker.com/history-of-jews-in-babylonia-iv.pdfIn PDF document text
- http://www.gorillawalker.com/the-father-i-never-knew.pdfIn PDF document text
- http://www.gorillawalker.com/cooking-in-everyday-english-the-abcs-of-great-flavor-at.pdfIn PDF document text
- http://www.gorillawalker.com/bentley-a-legend-reborn-haynes-classic-makes.pdfIn PDF document text
- http://www.gorillawalker.com/sloth-seven-deadly-sins.pdfIn PDF document text
- http://www.gorillawalker.com/euthanasia-opposing-viewpoints-series-opposing-viewpoints-digests.pdfIn PDF document text
- http://www.gorillawalker.com/explanatory-notes-upon-the-new-testament.pdfIn PDF document text
- http://www.gorillawalker.com/beating-the-system-hackers-phreakers-and-electronic-spies-the-inside.pdfIn PDF document text
- http://www.gorillawalker.com/foundation-drafting-and-perspective-drawing.pdfIn PDF document text
- http://www.gorillawalker.com/parkinson-s-disease-perspectives-on-diseases-and-disorders.pdfIn PDF document text
- http://www.gorillawalker.com/beer-notes.pdfIn PDF document text
- http://www.gorillawalker.com/web-development-with-jquery.pdfIn PDF document text
- http://www.gorillawalker.com/teckning-af-carl-olof-rosenii-lif-och-werksamhet-hans-w.pdfIn PDF document text
- http://www.gorillawalker.com/the-duel-the-art-of-the-novella.pdfIn PDF document text
- http://www.gorillawalker.com/kalaupapa-a-collective-memory-a-latitude-20-book.pdfIn PDF document text
- http://www.gorillawalker.com/david-y-goliat-conflicto-arabe-israeli-spanish-edition.pdfIn PDF document text
- http://www.gorillawalker.com/the-the-enemy-hunted-book-6.pdfIn PDF document text
- http://www.gorillawalker.com/old-mistresses-women-art-and-ideology.pdfIn PDF document text
- http://www.gorillawalker.com/12-danzas-espa-olas-3-selections-for-orchestra-trumpet-2.pdfIn PDF document text
- http://www.gorillawalker.com/proceedings-of-the-jsle-international-tribology-conference-tokyo-japan-8.pdfIn PDF document text
- http://www.gorillawalker.com/ecg-pocket-brain-essentials-5th-edition-2011.pdfIn PDF document text
- http://www.gorillawalker.com/wondrous-easter-10-contemporary-arrangements-for-easter-sunday-sacred-performer.pdfIn PDF document text
- http://www.gorillawalker.com/path-of-the-assassin-vol-2-sand-and-flower-v.pdfIn PDF document text
- http://www.gorillawalker.com/out-of-sequence-underrepresented-voices-in-american-comics.pdfIn PDF document text
- http://www.gorillawalker.com/portraits-of-the-renaissance-french-edition.pdfIn PDF document text
- http://www.gorillawalker.com/ethics-in-policy-analysis-occupational-ethics-series.pdfIn PDF document text
- http://www.gorillawalker.com/krazy-ignatz-1927-1928-love-letters-in-ancient-brick-krazy.pdfIn PDF document text
- http://www.gorillawalker.com/palliative-care-consultations-in-gynaeoncology.pdfIn PDF document text
- http://www.gorillawalker.com/discipline-part-3.pdfIn PDF document text
- http://www.gorillawalker.com/trampas-del-tiempo-proven-strategies-for-swamped-salespeople-spanish-edition.pdfIn PDF document text
- http://www.gorillawalker.com/the-serial-killer-s-apprentice-and-12-other-true-stories.pdfIn PDF document text
- http://www.gorillawalker.com/thinking-about-inequality-personal-judgment-and-income-distributions.pdfIn PDF document text
- http://www.gorillawalker.com/first-aid-for-the-comlex-a-student-to-student-guide.pdfIn PDF document text
- http://www.gorillawalker.com/preventing-violent-conflicts-a-strategy-for-preventive-diplomacy.pdfIn PDF document text
- http://www.gorillawalker.com/scala-cookbook-recipes-for-object-oriented-and-functional-programming.pdfIn PDF document text
- http://www.gorillawalker.com/the-pop-up-book-of-poo.pdfIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_002_off000018c1.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x18C1 | 34810 bytes |
SHA-256: 9bb5af441064c0ce40603bce1013cfbd4d48dcf0a8f85054a0a776b84b64823e |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.