Malicious PDF — malware analysis report

Heuristics 4

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• PDF link to algorithmically-generated URL high PDF_RANDOM_URL_LINK
  PDF contains a clickable HTTP(S) link whose host looks algorithmically generated (pronounceable-random labels) and whose path/query carries a long high-entropy token. This is the randomized-redirector pattern of malspam phishing lures — the visible document is only a prompt — not a PDF parser vulnerability.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://evacdir.com/MjAxMWxhcG9yYW5rZXVhbmdhbnB0c2lkb211bmN1bAMjA/ZG93bmxvYWR8cXU0YmpGcllueDhNVFkxTkRnNU16RTVNWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/chelurit.knuckles.expat?hedonists=penaeus

  • https://tutorizone.com/wp-content/uploads/2022/06/glorolen.pdf
  • http://feelingshy.com/new-compare-it-422221-portable/
  • http://zyynor.com/upload/files/2022/06/KPxHVpjmF3TZkgFUokby_11_344b0b244e39285a3146d86e1c0a8a12_file.pdf
  • https://cine-africain.com/olislav/windows-2012-r2-terminal-server-license-crack-link/
  • https://surprisemenow.com/notesinbusinesslawbyfidelitosorianopdf16/
  • http://tutorialspointexamples.com/hd-online-player-download-bold-bollywood-movies-in-hi-link
  • https://teenmemorywall.com/compuapps-swissknife-v3-license-key-crack-number-idm/
  • http://www.divinejoyyoga.com/2022/06/11/asa-prepware-2013-activation-codes/
  • http://zabarang.com/wp-content/uploads/2022/06/Descargar_Presto_88_Crack_Gratis.pdf
  • https://teenmemorywall.com/custom-xthea-drivers-for-windows-7-64-12-__exclusive__/
  • https://remcdbcrb.org/wp-content/uploads/2022/06/sibori.pdf
  • https://plugaki.com/upload/files/2022/06/kbJaRU3nM8iATn68yC9d_11_92de28e6446c420a9b03cbe72fe3fbec_file.pdf
  • https://wp.gymbruneck.info/advert/call-of-juarez-the-cartel-steam-unlocked-best-crack-ali213-dude-version-download/
  • https://seecurrents.com/wp-content/uploads/2022/06/a4u_hard_series_picture.pdf
  • https://seniordiscount.ca/wp-content/uploads/2022/06/napocurt.pdf
  • http://www.2el3byazici.com/?p=14526
  • https://www.afaceripromo.ro/keyshia-cole-the-way-it-is-full-full-album-zip/
  • http://tuscomprascondescuento.com/?p=26430
  • https://www.cateringguiden.no/wp-content/uploads/2022/06/Pioneer_Carrozzeria_Aviczh9md_English_Manual.pdf
  • https://kramart.com/wp-content/uploads/2022/06/wakraf.pdf
  • http://zyynor.com/upload/files/2022/06/KPxHVpjmF3TZkgFUokby_11_344b0b244e39285a314
  • https://plugaki.com/upload/files/2022/06/kbJaRU3nM8iATn68yC9d_11_92de28e6446c420a9b0
  • https://wp.gymbruneck.info/advert/call-of-juarez-the-cartel-steam-unlocked-best-crack-
  • https://www.cateringguiden.no/wp-
  • http://www.tcpdf.org
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://www.aiim.org/pdfa/ns/extension/
  • http://www.aiim.org/pdfa/ns/schema#
  • http://www.aiim.org/pdfa/ns/property#
  • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.