Malicious PDF — malware analysis report

Heuristics 3

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://baufinanz-rheinmain.net/uploads/1/3/0/7/130775198/130775198.html#the+crucible+act+3+analysis+answers

  • http://pilgrimsailing.com/uploads/1/3/0/2/130270855/devari_luxofajat_pumara_zuzazasexalij.pdf
  • http://afleroux.com/uploads/1/3/1/3/131379189/84d53eeb606ec.pdf
  • http://leadingwomenministries.org/uploads/1/3/0/6/130603966/6fdc9.pdf
  • http://tegnp�l�ring.dk/uploads/1/3/0/8/130814387/befudoziz.pdf
  • http://misquotedbible.com/uploads/1/3/0/5/130589040/43f5c3f514.pdf
  • http://we-need-jesus.org/uploads/1/3/1/0/131070387/xisoworaval.pdf
  • http://amyswicked.net/uploads/1/3/0/6/130620989/1095c1d26b0e.pdf
  • http://miracleinabucket.com/uploads/1/3/0/8/130874475/gejewenaluf-rekod.pdf
  • http://hostalsaltillo.com/uploads/1/3/1/1/131164358/8279238.pdf
  • http://scotiamaintenance.com/uploads/1/3/1/3/131384028/wuvalefibulu.pdf
  • http://flagshiplaw.net/uploads/1/3/1/4/131437102/wokenubapaxagivuv.pdf
  • http://pointandstretch.org/uploads/1/3/0/5/130544232/topimekoxowosopir.pdf
  • http://dgh.nyc/uploads/1/3/0/3/130313495/bipag.pdf
  • http://diamondlospoblanos.com/uploads/1/3/1/4/131438694/3498638.pdf

Open this report in the interactive analyzer, or submit your own file for analysis.