Malicious PDF — malware analysis report

Heuristics 5

• ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• External URI info PDF_URI
  PDF contains an external URL action
• PDF differential parser failed info PDF_DIFFERENTIAL_PARSE_FAILED
  The cross-check parser (pdfminer.six) failed on this file: PDF differential parser failed: PDFSyntaxError. Static heuristics still ran and any of their findings above are valid; only the differential cross-check signal is missing.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://druttle.ru/award?keyword=stock+market+basics+pdf+in+telugu PDF link annotation

  • http://francobusiness.com/fronius_5kw_inverter_spec_sheetsi06c.pdfIn PDF document text
  • https://xaweregosakub.weebly.com/uploads/1/3/1/4/131407668/wuvaxidazewera.pdfIn PDF document text
  • https://mirajaxudedina.weebly.com/uploads/1/3/0/7/130775596/3634176.pdfIn PDF document text
  • https://pufenenuboz.weebly.com/uploads/1/3/0/7/130738511/98fcf8c9ad1.pdfIn PDF document text
  • http://nuverlites.online/baweriwesifurixixa9eewn.pdfIn PDF document text
  • https://xutifapob.weebly.com/uploads/1/3/2/7/132712150/waxofiguwiwuvup.pdfIn PDF document text
  • https://garanokuwepo.weebly.com/uploads/1/3/0/8/130874617/wumofurolu_zemezufoxe_rusojiligise_wezuvuv.pdfIn PDF document text
  • http://srakan.space/52128661039wjwdk.pdfIn PDF document text
  • http://55571.ru/gradus_ad_parnassum_debussy_imslpxblbe.pdfIn PDF document text
  • http://bilet-pdd.site/autocad_electrical_drawing_template91bwd.pdfIn PDF document text
  • https://nenodomamik.weebly.com/uploads/1/3/4/0/134095987/6d4c2270dcb5b5.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • http://www.daltonmaag.com/In PDF document text
  • https://s3.amazonaws.com/temujonuwu/b_t_c_book_ka_full_form.pdfIn PDF document text
  • https://s3.amazonaws.com/visagogijulep/case_files_pediatrics.pdfIn PDF document text
  • https://s3.amazonaws.com/kopisigapub/12050610229.pdfIn PDF document text
  • https://s3.amazonaws.com/dejazuvorira/54501588463.pdfIn PDF document text
  • https://s3.amazonaws.com/mejifavo/40611232735.pdfIn PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.