Malicious PDF — malware analysis report

Static analysis result for SHA-256 03d8662d4a02d020…

Verdict: MALICIOUS
File type: PDF
Size: 71.5 KB
Created: 2021-03-08 18:39:40 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: aa8b85f31e0b72c7293a5f34486f8302
SHA-1: bbd089fb9aee6086a3edba9f8d6ecd5027349f13
SHA-256: 03d8662d4a02d0205742c503a180884e39b70941052fb54d206b3b6469358430
Risk Score: 156

Malware Insights

MITRE ATT&CK

  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF contains numerous external links, flagged as a link farm, and is detected by ClamAV as a phishing trojan. The ML classifier also strongly indicates maliciousness. The embedded links likely lead to malicious content or further infection stages, suggesting a phishing or malware distribution attempt.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9991

Heuristics (5)

  • Small PDF contains mass external PDF link farm (severity: critical, rule: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (severity: critical, rule: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Object number defined twice with different bodies (severity: info, rule: PDF_DUPLICATE_OBJ_BODY_INCREMENTAL)
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://xezojetit.ru/wix?keyword=lg+washer+repair+manual+online
    • https://cdn.sqhk.co/mibaforetu/fFODkjg/jinut.pdf
    • http://xubixaxar.22web.org/how_to_hard_reset_alcatel_one_touch_tablet.pdf
    • https://cdn.sqhk.co/gepeduvo/QGicCPj/osmo_mindracers_without_base.pdf
    • https://cdn.sqhk.co/loxexafetivu/gEThhhc/tugug.pdf
    • https://gojatoxemoniro.weebly.com/uploads/1/3/4/8/134894745/bozojasod.pdf
    • https://cdn.sqhk.co/dojerilu/Nohgijh/classic_pinball_games_app.pdf
    • https://nuralizowipu.weebly.com/uploads/1/3/4/6/134693001/6051827.pdf
    • https://cdn.sqhk.co/gapebeve/gghDgia/obstacles_meaning_in_urdu.pdf
    • https://wovufimi.weebly.com/uploads/1/3/5/3/135327312/nunuxud.pdf
    • https://sinitilelimokiz.weebly.com/uploads/1/3/4/3/134348988/kedozunolij.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://bb74f61c-7045-47bf-9a7e-968101ee373e.filesusr.com/ugd/81ef4b_dc361ba2608543e0a210f495922e3806.pdf?index=true
    • https://9e1e9198-0fe7-4103-8084-fdcc6befb8d5.filesusr.com/ugd/2f7815_b8dcfe9673c347a582eaaa82ac47ec96.pdf?index=true
    • http://gufobipadu.epizy.com/zupipiwodutamu.pdf
    • https://s3.amazonaws.com/jotizifime/best_wallpaper_android_app.pdf
    • http://kokiralasido.epizy.com/41325343548.pdf
    • https://e082b6be-64c0-45f6-a8ff-82b9c6f476f0.filesusr.com/ugd/1479de_19e5f1305eb54a28a5db2cb7a1ab85a5.pdf?index=true
    • http://vumesurev.epizy.com/arduino_nano_board_price_in_sri_lanka.pdf
    • https://c4cd0dbc-23d7-4f11-b65f-2561cec8abe5.filesusr.com/ugd/516793_b72ffef0e0d84ff8ad9bcef6590789ed.pdf?index=true
    • https://52ed6390-a5c1-4502-9f93-599cf6d98ad1.filesusr.com/ugd/f7fbc8_35c9c0953de043b698fac3e53d64fda1.pdf?index=true
    • https://s3.amazonaws.com/taturi/muvuvuvitapavewozomax.pdf
    • https://s3.amazonaws.com/lopadivupudexa/55042959301.pdf
    • https://s3.amazonaws.com/nakevoja/91295373726.pdf
    • https://s3.amazonaws.com/muxegeza/idles_brutalism_mega.pdf
    • http://zaxowudupa.rf.gd/libro_los_generales_de_dios_descargar_gratis.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename: font_00_sfnt_off0000dd2d.bin
  SHA-256: 216f0eaf1c0f28a6c2dd44d31f797e2019593608571f88f486767bbe6a8bbb80
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xDD2D
  Size: 5264 bytes

Filename: font_01_sfnt_off0000ef03.bin
  SHA-256: 7a61e977f0f06080ee9d4d549e2a287723bc14b0b903fc2d2eb1224b06a2dd5c
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xEF03
  Size: 9764 bytes