Malicious PDF — malware analysis report

Heuristics 4

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://mydrugdir.com/cowboys/filters/U3B5U2hlbHRlciBBbnRpLUtleWxvZ2dlciBQcmVtaXVtIDExLjkgQ3JhY2sU3B.manipulatively?ZG93bmxvYWR8VnozTlRrMlozeDhNVFkxTmpjM01UZ3hPSHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA=&tellingly=opponent

  • https://mentoring4good.com/wp-content/uploads/2022/07/vuldarv.pdf
  • https://www.chiesacristiana.eu/2022/07/02/cricket-lg-g-stylo-h634-firmware-android-5-1-1-12/
  • http://fisher65.ru/wp-content/uploads/2022/07/nevidljiva_iva_lektira_download.pdf
  • https://www.bg-frohheim.ch/bruederhofweg/advert/sony-vegas-pro-12-chingliu-keygen-extra-quality/
  • http://inventnet.net/advert/myheritage-family-tree-builder-7-0-premium-crack-hot/
  • https://spacefather.com/andfriends/upload/files/2022/07/pwDhjfrcuq7Bl4lbFkqR_02_81867242ca236340ef0f92ed71d5f14d_file.pdf
  • https://packersmoverslead.com/wp-content/uploads/2022/07/leelas_friend_by_rk_narayan_pdf_download.pdf
  • https://glacial-wave-50308.herokuapp.com/flyff_v19_server_files_Full.pdf
  • https://www.oregonweednetwork.com/wp-content/uploads/2022/07/Download_Crack_EXCLUSIVE_Fixed_Asset_Pro_16.pdf
  • https://articlewatt.com/wp-content/uploads/2022/07/Download_Adjustment_Program_Epson_Sx218_213_8_BETTER.pdf
  • https://diontalent.nl/2022/07/02/expressvpn-6-7-2-crack-activation-code-latest-version-free-download-hot/
  • https://smartsizebuildings.com/advert/universe-sandbox-2-patched-free-download-full-version/
  • https://ex0-sys.app/upload/files/2022/07/vrAPoDNHLvHQ7awvK6Lb_02_81867242ca236340ef0f92ed71d5f14d_file.pdf
  • https://thedailywhatsup.com/awara-paagal-deewana-1080p-movies-do-best/
  • https://murahlo.com/wp-content/uploads/2022/07/Pastel_Partner_Version_11_Free_REPACK_Download.pdf
  • https://engagementlandschaft.de/wp-content/uploads/2022/07/free_download_ebook_microsoft_excel_2010_bahasa_indonesia.pdf
  • https://inobee.com/upload/files/2022/07/FWxVeKClgfVbDQqvjHQf_02_81867242ca236340ef0f92ed71d5f14d_file.pdf
  • https://trikonbd.com/se-navcore-8-842-carminat-tomtom-rar/
  • https://gardeners-market.co.uk/advert/resident-evil-6-missing-steam-api-15/
  • https://promwad.de/sites/default/files/webform/tasks/batman-v-superman-dawn-of-justice-english-720p-in-hindi-dubbed-movie.pdf
  • http://www.tcpdf.org
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://www.aiim.org/pdfa/ns/extension/
  • http://www.aiim.org/pdfa/ns/schema#
  • http://www.aiim.org/pdfa/ns/property#
  • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.