Malicious PDF — malware analysis report

Heuristics 3

• ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://neeshazollinger.com/uploads/1/3/0/4/130488619/be60c62828c.pdf In PDF document text

  • http://misscarladance.org/uploads/1/3/0/4/130435833/xinipo_fifojuvipuve.pdfIn PDF document text
  • http://ncsdactivities.com/uploads/1/3/0/6/130639518/0be5e6b358.pdfIn PDF document text
  • https://bixagisofumon.weebly.com/uploads/1/3/0/4/130483990/60197dde2177d.pdfIn PDF document text
  • https://gumefonivebodi.weebly.com/uploads/1/3/0/6/130604494/xuvuxelaxanogurivo.pdfIn PDF document text
  • http://orthogistic.com/uploads/1/3/0/4/130488282/9167279.pdfIn PDF document text
  • http://customlovecandles.com/uploads/1/3/0/2/130291449/6d884f86b3.pdfIn PDF document text
  • http://metroheatingandair.com/uploads/1/3/0/4/130476499/4bd90bee53.pdfIn PDF document text
  • http://pbconsulting.us/uploads/1/3/0/3/130323148/mobujifoliluda.pdfIn PDF document text
  • http://dgelectricinc.com/uploads/1/3/0/2/130287261/3327754.pdfIn PDF document text
  • http://chubbycheetah.com/uploads/1/3/0/6/130603688/gomojokomapipev.pdfIn PDF document text
  • https://kixovuvi.weebly.com/uploads/1/3/0/6/130604256/giladuwamokoko.pdfIn PDF document text
  • http://cjentzart.com/uploads/1/3/0/6/130639032/lotenavikujug.pdfIn PDF document text
  • http://koawarriors.com/uploads/1/3/0/4/130483236/9172359.pdfIn PDF document text
  • http://mydne.com/uploads/1/3/0/3/130379561/xekesilapovini.pdfIn PDF document text
  • http://mrappa.com/uploads/1/3/0/6/130605182/gurimazugut-tarejida-minudoxubexemel-bekeliligi.pdfIn PDF document text
  • http://waylessepoxyflooring.com/uploads/1/3/0/6/130621257/jilisefi-bipetibusavewun-zoludazesujefu-kifopolemarix.pdfIn PDF document text
  • http://lenka-photography.com/uploads/1/3/0/5/130588998/jitowomowivif.pdfIn PDF document text
  • http://loguzepedi.conceptfashionfest.ru/uploads/2020/01/29/sibimoda.pdfIn PDF document text
  • http://aclarkphotography.com/uploads/1/3/0/4/130491253/3dd0478d.pdfIn PDF document text
  • http://mikebarnescoach.com/uploads/1/3/0/5/130551015/moviz.pdfIn PDF document text
  • http://globalwarming1.com/uploads/1/3/0/6/130620441/8678038.pdfIn PDF document text
  • http://staceyjanedouglas.com/uploads/1/3/0/5/130542866/sebejekafuwimu.pdfIn PDF document text
  • http://mackenzieemievents.com/uploads/1/3/0/2/130289498/864b32.pdfIn PDF document text
  • http://the-hemp-life.com/uploads/1/3/0/5/130539455/efa5d04ec.pdfIn PDF document text
  • http://mojiles.net/uploads/1/3/0/2/130288682/130288682.html#emery+thompson+batch+freezer+craigslIn PDF document text
  • http://dejavu.sourceforge.netIn PDF document text
  • http://dejavu.sourceforge.net/wiki/index.php/LicenseIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.