Malicious PDF — malware analysis report

Heuristics 3

• ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://jurinaphotography.com/uploads/1/3/0/4/130488851/retenujeto.pdf In PDF document text

  • http://fol.oldi-nix-dns.info/uploads/2020/01/27/7825878.pdfIn PDF document text
  • http://xajo.botanicart.ru/uploads/2020/01/28/repokizasupule.pdfIn PDF document text
  • http://xuronig.copyrightcontact-10000642147218.com/uploads/2020/01/28/a2ddd.pdfIn PDF document text
  • http://putibikope.kardio-control.ru/uploads/2020/01/28/785526.pdfIn PDF document text
  • http://zabota.chess-nut.com/uploads/2020/01/28/4495849.pdfIn PDF document text
  • http://towijefak.domcrawford.online/uploads/2020/01/28/luweje-nojosujuti-fataw.pdfIn PDF document text
  • http://hamptonsbailbonds.com/uploads/1/3/0/5/130545382/9487254.pdfIn PDF document text
  • http://xasula.audiostart42.icu/uploads/2020/01/28/02e5a95ed32df.pdfIn PDF document text
  • https://sevupunumikage.weebly.com/uploads/1/3/0/5/130588906/8934254.pdfIn PDF document text
  • http://werenuboj.rus-snow.ru/uploads/2020/01/29/jigomisoxurenu_keraputusof_jawulunipapubek_lizefetesik.pdfIn PDF document text
  • http://wotupatur.pinhs-ap.com/uploads/2020/01/28/17a40c75045cc.pdfIn PDF document text
  • http://dora.menurotrin.ru/uploads/2020/01/29/wimexaselotevi_xedosawigebazev_zogudovixawabe_dalivujoxu.pdfIn PDF document text
  • http://unsocialmediapp.com/uploads/1/3/0/6/130620865/49e550e8184.pdfIn PDF document text
  • http://zilekixu.konstantinostapenko.com/uploads/2020/01/27/mebabukada.pdfIn PDF document text
  • https://fufenoxaza.weebly.com/uploads/1/3/0/2/130272928/bodez_lilobeduw_sawupedi.pdfIn PDF document text
  • http://iwit-ism.com/uploads/1/3/0/5/130542971/7280881.pdfIn PDF document text
  • http://banglanews.pro/uploads/2020/01/27/aba7f.pdfIn PDF document text
  • http://xaw.antiviruseprotectiononline.xyz/uploads/2020/01/28/6316342.pdfIn PDF document text
  • http://whiteteethteen.com/uploads/1/3/0/4/130483617/130483617.html#bojhena+shey+bojhena+watch+online+frIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • http://dejavu.sourceforge.netIn PDF document text
  • http://dejavu.sourceforge.net/wiki/index.php/LicenseIn PDF document text
  • http://www.adobe.com/).NotoIn PDF document text
  • http://www.google.com/get/noto/http://www.adobe.com/type/ThisIn PDF document text
  • http://scripts.sil.org/OFLNotoIn PDF document text
  • https://fedoraproject.org/wiki/Licensing/LiberationFontLicenseIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.