Malicious PDF — malware analysis report

Heuristics 3

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://uncpbisdegree.com/download3.php?q=warnings-visions-messages-from-irish-visionaries-today-paperback-by.pdf

  • http://uncpbisdegree.com/download4.php?q=warnings-visions-messages-from-irish-visionaries-today-paperback-by.pdf
  • http://buycos.de/warnings/visions/warnings_visions_messages_from_irish_visionaries_today_paperback_by.pdf
  • http://venuyallaturi.com/file/pdf/warnings-visions-messages-from-irish-visionaries-today-paperback-by.pdf
  • http://drcool.de/warnings/visions/warnings_visions_messages_from_irish_visionaries_today_paperback_by.pdf
  • http://jawaka.de/warnings/visions/warnings_visions_messages_from_irish_visionaries_today_paperback_by.pdf
  • http://www.ultimatechesscollecting.com/entity/2017/11/warnings-visions-messages-from-irish-visionaries-today-paperback-by.pdf
  • http://ginobi.de/warnings/visions/warnings_visions_messages_from_irish_visionaries_today_paperback_by.pdf
  • http://www.oculosfast.com.br/warnings-visions-messages-from-irish-visionaries-today-paperback-by.pdf
  • http://podcast-health.com/upload/a-crash-course-in-thetheology-of-the-body.pdf
  • http://fluid.cx/italian/literature/italian_literature_i_tristano_panciatichiano.pdf
  • http://uncpbisdegree.com/1/systems-analysis-and-design-8e-kendall.pdf
  • http://riverside-resort.net/1/vale-of-the-vole-xanth-trilogy-no-1-by-anthony-piers.pdf
  • http://uncpbisdegree.com/1/strategic-management-theory-an-integrated-approach-9th-edition.pdf
  • http://riverside-resort.net/1/using-3d-modelling-in-autocad.pdf
  • http://riverside-resort.net/1/white-sewing-machine-model-1525-manual.pdf
  • http://uncpbisdegree.com/1/system-dynamics-4th-edition-solutions.pdf
  • http://uncpbisdegree.com/1/tbi-ecm-wiring.pdf
  • http://riverside-resort.net/1/wiesen-test-of-mechanical-aptitude-questions-answer.pdf
  • http://uncpbisdegree.com/1/the-island-of-crimea-vasily-aksyonov.pdf
  • http://uncpbisdegree.com/1/stargate-sg-1-the-cost-of-honor.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://www.amazon.com/Warnings-Visions-Messages-Irish-Visionaries/dp/1892165007
  • https://openlibrary.org/authors/OL345204A/Albert_J._Hebert
  • https://www.abebooks.com/book-search/author/hebert-albert-j/
  • https://www.twitch.tv/piercenotts
  • http://go.microsoft.com/fwlink/?LinkID=617350
  • http://go.microsoft.com/fwlink/?LinkId=521839&CLCID=0409
  • http://go.microsoft.com/fwlink/?LinkID=246338&CLCID=0409
  • https://go.microsoft.com/fwlink/?linkid=868922
  • http://go.microsoft.com/fwlink/?LinkID=286759&CLCID=409
  • http://go.microsoft.com/fwlink/?LinkID=617297
  • https://www.amazon.com/Warnings-Visions-Messages-Irish-Visionaries/
  • https://openlibrary.org/authors/OL345204A
  • https://www.abebooks.com/book-search/author/hebert-albert-j
  • https://fedoraproject.org/wiki/Licensing/LiberationFontLicense

Open this report in the interactive analyzer, or submit your own file for analysis.