Malicious PDF — malware analysis report

Heuristics 3

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• ClamAV: Pdf.Phishing.TtraffRobotInstall-7605656-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.TtraffRobotInstall-7605656-0
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://pascorealestateblog.net/uploads/1/3/0/5/130551001/rexepugikiv.pdf

  • http://oidzo.net/uploads/1/3/0/6/130622095/8887745.pdf
  • http://melindaedwards.com/uploads/1/3/0/7/130740206/6016717.pdf
  • http://hawaiilimo808.com/uploads/1/3/0/8/130874329/dovorutumuli-saligojafe-juwijuzosumujag-feregijo.pdf
  • http://hoosierdaddio.com/uploads/1/3/0/2/130287799/c458baad1c3.pdf
  • http://threebrothersremodeling.net/uploads/1/3/0/5/130539992/gokorizuzisutip_donaduviturege_muzom.pdf
  • http://www.aureliamichaelvoiceover.com/uploads/1/3/0/2/130289601/fibokibokusuralowito.pdf
  • http://nationalbusinesseducationweek.com/uploads/1/3/0/7/130738979/sonukapewi.pdf
  • http://chatlabs.ai/uploads/1/3/0/7/130738644/felixaxegad-soziboxajo-wenumimetuw-ledawegowop.pdf
  • http://enewrites.com/uploads/1/3/0/6/130639542/2f9d6e71e346559.pdf
  • http://otcdl.brdge.org/uploads/1/3/0/3/130313564/130313564.html#fifa+world+cup+2018+today+scores
  • http://threebrothersremodeling.net/uploads/1/3/0/5/130539992/gokorizuzisutip_donaduviturege_muzom

Open this report in the interactive analyzer, or submit your own file for analysis.