Malicious PDF — malware analysis report

Heuristics 3

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://andrianaediting.ca/uploads/1/3/0/5/130589416/roregudabipidage.pdf

  • http://m31.systems/uploads/1/3/0/6/130605179/3303310.pdf
  • http://birkdaleawards.com/uploads/1/3/0/6/130604386/depawerokumozaf-tuzuwaxerox-zafor-jekupatidavo.pdf
  • http://star-nrg.com/uploads/1/3/0/6/130639021/5995744.pdf
  • https://zupudirepizogob.weebly.com/uploads/1/3/0/4/130488446/depijekeki-parobamame-netaxapa.pdf
  • http://buse.seowallet.ru/uploads/2020/01/27/1799151.pdf
  • http://bulavu.0406shopps04.fun/uploads/2020/01/29/puzewif-zotaduxi-lemex.pdf
  • http://alpharettapestpros.com/uploads/1/3/0/5/130544386/naxeve.pdf
  • http://kil.digitalein.com/uploads/2020/01/28/xonimogenev.pdf
  • http://dokenina.1-gc.biz/uploads/2020/01/28/moxaruwogotaj-nizonam-wolivu-nesusaropo.pdf
  • http://lovim.info/uploads/2020/01/28/nevubuxake-basorilup.pdf
  • http://luadantuong.com/uploads/2020/01/28/zozava-lapininer.pdf
  • http://myentouragemusic.com/uploads/1/3/0/4/130435547/130435547.html#arrival+movie+free++mp4

Open this report in the interactive analyzer, or submit your own file for analysis.