Malicious PDF — malware analysis report

Heuristics 3

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://120lakeshoredrive.com/uploads/1/3/0/6/130621124/xebar_xemopamigus_kikanupis_piruguwutos.pdf

  • http://mirkamalmi.com/uploads/1/3/0/6/130621095/7953814.pdf
  • http://australiancouncilofhinduclergy.org/uploads/1/3/0/6/130639646/4660618.pdf
  • http://zamubedez.tmass.online/uploads/2020/01/28/rolonupagu.pdf
  • http://quantumspirit.us/uploads/1/3/0/5/130543054/2549b9e472f.pdf
  • http://trustedadvocates.org/uploads/1/3/0/6/130621462/568e177bcb.pdf
  • http://cefcamas.org/uploads/1/3/0/7/130738633/lixukazenala.pdf
  • http://tos.tt12bb.top/uploads/2020/01/28/6082790.pdf
  • http://smithsolarlab.com/uploads/1/3/0/3/130323631/nunixinuvozisaz.pdf
  • http://tenzafansite.com/uploads/1/3/0/6/130639750/09a411.pdf
  • http://santaclaritascreenprinting.com/uploads/1/3/0/6/130639848/zipenawirusadow.pdf
  • http://allisonjjanda.com/uploads/1/3/0/4/130483728/rutuluxubozujepoxap.pdf
  • http://5pointauto.com/uploads/1/3/0/5/130588880/130588880.html#bhoot+bangla+full+hd+movie
  • https://savannah.gnu.org/projects/freefont/
  • http://www.gnu.org/licenses/
  • http://www.gnu.org/copyleft/gpl.html

Open this report in the interactive analyzer, or submit your own file for analysis.