Malicious PDF — malware analysis report

Heuristics 5

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Remote-support tool lure high SE_REMOTE_SUPPORT_LURE
  Document instructs the user to install, open, or connect with a remote-support tool such as AnyDesk, TeamViewer, Quick Assist, or ScreenConnect — high-risk in an unsolicited document
• PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
  PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://xtraserp.com/U3RhciBUcmFjayBTUiAxNTAgUmVjZWl2ZXIgVXBncmFkZSBTb2Z0d2FyZQU3R.mostchoice?seizes/explode/noonday/ZG93bmxvYWR8SEM0ZFdObU0zeDhNVFkxT0RJeE9EazROWHg4TWpVNU1IeDhLRTBwSUZkdmNtUndjbVZ6Y3lCYldFMU1VbEJESUZZeUlGQkVSbDA PDF link annotation

  • https://www.easyblogging.in/wp-content/uploads/2022/07/raviman.pdfIn PDF document text
  • http://dichvuhoicuoi.com/wp-content/uploads/2022/07/Kyodai_Mahjongg_V2142_InclKeygen.pdfIn PDF document text
  • https://trikonbd.com/print2rdp-5-23-with-serial/In PDF document text
  • https://womss.com/softplugadventusvstiv15crack-fulled1/In PDF document text
  • https://indiatownship.com/wp-content/uploads/2022/07/maiber.pdfIn PDF document text
  • https://louistomlinsonfrance.com/wp-content/uploads/2022/07/Nurettin_Bilici_Kamu_Maliyesi_Pdf_BEST_Download.pdfIn PDF document text
  • https://atmosphere-residence.ro/wp-content/uploads/whytcain.pdfIn PDF document text
  • https://lustrousmane.com/igo-primo-2-4-5-ipa-11/In PDF document text
  • https://airbrushinformation.net/2022/07/25/3dsmax2014portableg8ni92-2021/In PDF document text
  • http://www.mick0711.com/wp-content/uploads/2022/07/Xfer_Lfo_Tool_Win_Downloadl.pdfIn PDF document text
  • https://damariuslovezanime.com/baofeng-uv-8d-software-11/In PDF document text
  • http://rastadream.com/?p=47539In PDF document text
  • https://www.greatescapesdirect.com/2022/07/anydesk-5-4-0-crack-activation-code-full-download-latest-work/In PDF document text
  • http://pepsistars.com/wp-content/uploads/2022/07/greiever.pdfIn PDF document text
  • https://beckleyservices.com/wp-content/uploads/2022/07/delvxer.pdfIn PDF document text
  • https://solaceforwomen.com/hd-online-player-epson-t1100-adjustment-program-29-2/In PDF document text
  • https://www.odontotecnicoamico.com/wp-content/uploads/2022/07/AccuRC_2_Torrent_Download_BETTER_Licensegolkes.pdfIn PDF document text
  • https://drmanishhinduja.com/wp-content/uploads/2022/07/andrwat.pdfIn PDF document text
  • https://www.residenzagrimani.it/2022/07/26/warriors-orochi-4-ultimate-deluxe-edition-codex/In PDF document text
  • http://tuinfonavit.xyz/?p=27517In PDF document text
  • http://www.tcpdf.orgIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://www.aiim.org/pdfa/ns/extension/In PDF document text
  • http://www.aiim.org/pdfa/ns/schema#In PDF document text
  • http://www.aiim.org/pdfa/ns/property#In PDF document text
  • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.