Malicious PDF — malware analysis report

Static analysis result for SHA-256 4b8acf9dec0d7418…

MALICIOUS

PDF

Size: 68.1 KB
Created: 2021-03-26 15:46:30 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
First seen: 2021-09-18
MD5: 2df0566f135afbb2ae46255894f8d80f
SHA-1: eddc5abb4306778d699fbcdec96a8cc6fb75ed55
SHA-256: 4b8acf9dec0d74180bbf7f84dc881ff27eaa59b3235fb280eeccfaaebc1e0b1e
Risk Score: 154

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds a large number of external links characteristic of an SEO link farm. Specific URLs and indicators for this sample are listed in the indicators section.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9830

Heuristics 4

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://fokemale.ru/strik?utm_term=casio+retro+calculator+watch+gold (PDF link annotation)
    • https://static.s123-cdn-static.com/uploads/4496381/normal_5fcf07e793102.pdf (in PDF document text)
    • https://ropedali.weebly.com/uploads/1/3/0/9/130969406/1103582.pdf (in PDF document text)
    • https://depesusexufajev.weebly.com/uploads/1/3/5/3/135351117/vetufe.pdf (in PDF document text)
    • https://kixakusafi.weebly.com/uploads/1/3/4/8/134891224/zefolop_folowetoniz.pdf (in PDF document text)
    • https://static.s123-cdn-static.com/uploads/4447912/normal_5ff8695195ad8.pdf (in PDF document text)
    • https://netajeripen.weebly.com/uploads/1/3/6/0/136053717/fefapomukeb.pdf (in PDF document text)
    • http://www.ascendercorp.com/ (in PDF document text)
    • http://www.ascendercorp.com/typedesigners.html (in PDF document text)
    • https://uploads.strikinglycdn.com/files/1309ceec-945e-41c0-854a-5c95d887e83f/cant_connect_to_jbl_flip_3.pdf (in PDF document text)
    • https://s3.amazonaws.com/fomaralunex/free_after_effects_templates_photo_book.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/0b568fce-1951-4775-ae88-6b1e2f9d966e/vagoxelusapawowomajunulus.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/546ef83a-3091-492d-b668-80d2c9fbd961/xuxopuditulitetoruwarate.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/5cd70d25-3ac0-4843-a193-86eb1cc08113/19630812073.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/5ce08e72-7133-452b-bcee-8124eb5429b3/by_the_waters_of_babylon_short_summary.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/fc488b82-0477-4a27-9723-9b5b877ca26b/how_many_calories_in_taco_bell_grilled_cheese_burrito.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/21f0f478-07fa-4067-bd75-7d1557ebd0d7/ruvixanojetomoda.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/c1a6cdf9-eae1-4524-a386-2b46afa2d38f/windows_10_cyberpatriot_cheat_sheet.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/b5d266ff-d3dc-4e38-8375-8f12a4b0b44c/how_to_get_rid_of_tiny_acne_bumps_on_face_quickly.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/936b3363-b910-407e-9943-7fbd2aaf9fa8/wavepodegelakojijobujol.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/b222b11a-27f3-4110-873b-16155af2d73d/xatitule.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/fafa8f9a-ad77-4998-865e-ac78f68cb21f/the_lottery_analysis_questions.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/d9e93593-9e71-44ed-ac77-208e7f4f216e/gupurene.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/b89aef5f-86fc-437e-bcbe-6c763f34a54b/54794586576.pdf (in PDF document text)
    • https://s3.amazonaws.com/kokesatodixon/faloxewoz.pdf (in PDF document text)
    • http://scripts.sil.org/OFL (in PDF document text)

Extracted artifacts 1

Files carved from inside the sample during analysis.

  • Filename: font_00_sfnt_off0000f523.bin
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xF523
    Size: 5200 bytes
    SHA-256: 4906866254d48792f5efc226a598df0a1fe1f7ff31e463b8e56f6ee5842da32f