Malicious PDF — malware analysis report

Heuristics 3

• PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINK
  PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://ttraff.club/wix?keyword=dream+deferred+theme

  • https://1b1cd0a5-1d83-40a5-888f-5f8122985c04.filesusr.com/ugd/badafb_d5a02391cb404b83aebddacb993bb934.pdf?index=true
  • https://fef3faf5-6ff5-44d0-8d3c-d06d635e6931.filesusr.com/ugd/5ea4d5_28f59946f3004e418dab679d6c4dcc90.pdf?index=true
  • https://51a89ff5-139b-4a44-9e93-7b68b11b599f.filesusr.com/ugd/24d943_775f1b9c10b94110911c7f3f5ed9ab59.pdf?index=true
  • https://c697512b-f065-4add-bd74-e54041c46892.filesusr.com/ugd/e54fc7_e238f1a2c2ce44178cbf111d1482ebf5.pdf?index=true
  • https://cde15fe5-aabc-4175-b3ec-a4ceff70b174.filesusr.com/ugd/6f9b04_8895de3fa72a4f7b8526edeb82bf29fa.pdf?index=true
  • https://945f7770-1dec-4bc8-b151-026f241d1c88.filesusr.com/ugd/e4ff69_fac034b4634040858c827d58368ecb98.pdf?index=true
  • https://56708f0a-166f-491d-8d25-378702f89ae1.filesusr.com/ugd/e643da_aa8a1a713a7d4f57804ac5a4cf921007.pdf?index=true
  • https://2cfb7727-67b5-4876-8bda-2bd97378e0a8.filesusr.com/ugd/5438e3_2811ae082f1a4320999b33268d7578a8.pdf?index=true
  • https://cdn.shopify.com/s/files/1/0428/9835/8432/files/23158701460.pdf
  • https://cdn.shopify.com/s/files/1/0433/9056/6556/files/primary_health_care_definition_according_to_who.pdf
  • https://cdn.shopify.com/s/files/1/0436/0408/2851/files/48525383592.pdf
  • https://cdn.shopify.com/s/files/1/0433/4521/5637/files/yii2_activeform_beforesubmit.pdf
  • https://cdn.shopify.com/s/files/1/0445/3584/0932/files/dtic_technical_reports_collection.pdf
  • https://ff91de86-852a-4739-abfb-cd3f90f275ae.filesusr.com/ugd/8bc2a6_252ea4594781458e92e1eb1397a35fad.pdf?index=true
  • https://b9b0b278-cf2e-45ae-aa66-79724c801aa0.filesusr.com/ugd/952c2e_d7150b9b0308461fb47875fcf7fe18ec.pdf?index=true
  • https://65620175-da93-4684-b61f-6dbee195d9a9.filesusr.com/ugd/b81754_474978e92f194dfdb8f45cd959acd03c.pdf?index=true
  • https://cb574627-0a63-4f3e-b1b6-09dfb2f0bf7f.filesusr.com/ugd/2072cd_88f2ce3dc83d49a9baa2d17c3a696779.pdf?index=true
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/

Open this report in the interactive analyzer, or submit your own file for analysis.