Malicious PDF — malware analysis report

Heuristics 3

• ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://zufodowi.quran-media.online/uploads/2020/01/27/e19cf05c42d.pdf In PDF document text

  • http://studiodentisticosg.com/uploads/1/3/0/4/130483402/lulabokafoke.pdfIn PDF document text
  • http://mofitob.kraftstone.ru/uploads/2020/01/28/9429218.pdfIn PDF document text
  • http://felebuli.kek.su/uploads/2020/01/27/nifedetefimidoj.pdfIn PDF document text
  • http://runul.pulkovo3.info/uploads/2020/01/27/5f2d57.pdfIn PDF document text
  • http://tuhuellatepertenece.com/uploads/2020/01/29/gunujuw.pdfIn PDF document text
  • http://elevacio.com/uploads/1/3/0/6/130604685/piwawapawasako.pdfIn PDF document text
  • http://portraitsformodernpeople.com/uploads/1/3/0/3/130379142/7862857.pdfIn PDF document text
  • http://ritmischgym.com/uploads/1/3/0/3/130379397/loxam-fetifunodekexij.pdfIn PDF document text
  • https://kapemupesisupev.weebly.com/uploads/1/3/0/2/130271150/5c37eba49.pdfIn PDF document text
  • http://milledlogs.com/uploads/1/3/0/6/130604616/pubesonitigota.pdfIn PDF document text
  • http://talinasherbsandhealing.com/uploads/1/3/0/5/130550754/9d97e.pdfIn PDF document text
  • http://burnhampark.weebly.com/uploads/1/3/0/3/130323767/9488663.pdfIn PDF document text
  • http://thelaunch.team/uploads/1/3/0/3/130323232/tamogenavedumifev.pdfIn PDF document text
  • http://wejijipovi.labdo.net/uploads/2020/01/27/daputedamemov.pdfIn PDF document text
  • http://yourfavoritedetailers.com/uploads/1/3/0/6/130621153/7418863.pdfIn PDF document text
  • https://mazekuvufa.weebly.com/uploads/1/3/0/3/130313411/dff4e6516ad8c2.pdfIn PDF document text
  • http://naxone.klondike-gold.info/uploads/2020/01/29/koset.pdfIn PDF document text
  • http://indyfacepainter.com/uploads/1/3/0/6/130605258/puvote.pdfIn PDF document text
  • http://nir.downloadappios.com/uploads/2020/01/28/wedukokunon.pdfIn PDF document text
  • https://zexupimifosirof.weebly.com/uploads/1/3/0/5/130543476/9652879.pdfIn PDF document text
  • http://envirotw.com/uploads/1/3/0/2/130289201/wupoti_dugado_jelus_jukakibiram.pdfIn PDF document text
  • http://mymelgrove.com/uploads/1/3/0/2/130272296/zivenerodisuwulizob.pdfIn PDF document text
  • http://sex.support-account.net/uploads/2020/01/29/1328162.pdfIn PDF document text
  • http://mycleanohio.com/uploads/1/3/0/2/130273962/130273962.html#carbohydrate+chemistry+mcqs+pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • https://fedoraproject.org/wiki/Licensing/LiberationFontLicenseIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.