Malicious PDF — malware analysis report

Static analysis result for SHA-256 f8104ff62af15f32…

MALICIOUS

PDF

Size: 40.3 KB
Created: 2018-11-15 18:32:06 +03:00
Authoring application: - (via Acrobat Web Capture 8.0)
MD5: b07e54687586ed547e687b24b47d0b79
SHA-1: a39f23d02fa019130c54f72e1fc5be167df7cc8e
SHA-256: f8104ff62af15f32635a222eaf45689c9c8300b38aeedc6de1a16d858c9523b1
Risk Score: 90

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment

The PDF contains a large number of embedded links to external PDF files, all hosted on the same domain (www.gorillawalker.com). This technique is often used to inflate search engine rankings or to distribute malicious content indirectly. The ML classifier also flagged this PDF as malicious with a high probability. No scripts were extracted, and the document body was unreadable.

Machine Learning

  • Nyx PDF Classifier malicious score 0.8872

Heuristics 2

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.