Malicious PDF — malware analysis report

Static analysis result for SHA-256 f08057578313c3bd…

MALICIOUS

PDF

Size: 30.0 KB
Created: 2019-05-24 00:42:52 +03:00
Authoring application: Word (via Acrobat PDFMaker 15 for Word)
MD5: a0c607f37bdee423ecede8ecd2dfe294
SHA-1: 9f72a04c7318323c137061d23818981debc3d5bf
SHA-256: f08057578313c3bde73d773e29f50760ef2575d734142f2974326bfe35cb535e
Risk Score: 90

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF file was flagged by a machine learning classifier and contains a significant number of embedded links to external PDF files hosted on 'gorillawalker.com'. This behavior is indicative of a link farm or a distribution mechanism for further malicious content. No scripts were extracted, and the document body was heavily obfuscated, limiting further analysis of the specific lure.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8409

Heuristics (2)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.