Malicious PDF — malware analysis report

Heuristics 4

• Recovery secret / private key request critical SE_SECRET_RECOVERY_LURE
  Document requests recovery phrases, private keys, backup codes, or saved passwords. Requests for these secrets in a document are high-risk.
• PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
  PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://evacdir.com/breuer/heralding/skiers.freston/lefkes/?Qml0Y29pbiBLbm90cwQml=ZG93bmxvYWR8MzMxWkRCak5YeDhNVFkxTkRZME16TTFNSHg4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk PDF link annotation

  • https://delcohempco.com/2022/06/08/freesql-crack-lifetime-activation-code/In PDF document text
  • http://adhicitysentulbogor.com/?p=4266In PDF document text
  • http://mysleepanddreams.com/enable-windows-sandbox-in-windows-10-home-crack-download-pc-windows/In PDF document text
  • https://rmexpressglob.com/audio-recorder-pro-3-90-crack-download-latest/In PDF document text
  • https://morning-mountain-03465.herokuapp.com/WinSid_iSplitter.pdfIn PDF document text
  • https://clubnudista.com/upload/files/2022/06/pfqIxfwbf4prk9yZoDxj_08_37cdbf1318c59f39d94b644b2c9510e6_file.pdfIn PDF document text
  • https://firmateated.com/2022/06/08/vat-software-download-for-pc/In PDF document text
  • http://www.expo15online.com/advert/bigasoft-ipod-transfer-2-47-mac-win/In PDF document text
  • https://traveldirectoryguide.com/wp-content/uploads/2022/06/debocrat.pdfIn PDF document text
  • https://heidylu.com/liscverb-product-key-full-for-pc/In PDF document text
  • https://www.rubco.be/uncategorized/bigasoft-blackberry-ringtone-maker-crack-free-win-mac/In PDF document text
  • https://mugstand.com/?p=1297In PDF document text
  • https://dragalacoaching1.com/capture-view-crack-updated-2022/In PDF document text
  • https://sebastianarnezeder.com/2022/06/08/packet-spy-crack-x64/In PDF document text
  • https://thetalkingclouds.com/wp-content/uploads/2022/06/Cafun_Crack___Download_X64.pdfIn PDF document text
  • https://bnbeasy.it/?p=5946In PDF document text
  • https://www.conceptpartners.lu/content/uploads/2022/06/Boris_Continuum_Complete.pdfIn PDF document text
  • https://misasgregorianas.com/processeye-crack-with-full-keygen-download-for-windows-april-2022/In PDF document text
  • https://heidylu.com/wp-content/uploads/2022/06/zeezeal.pdfIn PDF document text
  • http://www.panayideswood.com/?p=3326In PDF document text
  • http://mysleepanddreams.com/enable-windows-sandbox-in-windows-10-home-crack-download-pc-In PDF document text
  • https://clubnudista.com/upload/files/2022/06/pfqIxfwbf4prk9yZoDxj_08_37cdbf1318c59f39d94b644b2In PDF document text
  • http://www.tcpdf.orgIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://www.aiim.org/pdfa/ns/extension/In PDF document text
  • http://www.aiim.org/pdfa/ns/schema#In PDF document text
  • http://www.aiim.org/pdfa/ns/property#In PDF document text
  • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.