Malicious PDF — malware analysis report

Heuristics 5

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
  PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://awarefinance.com/cashmere.ndjamena?ZG93bmxvYWR8N0pwTVRGbU0yRjhmREUyTmpJMk9EQXpPVEI4ZkRJMU9UQjhmQ2hOS1NCWGIzSmtjSEpsYzNNZ1cxaE5URkpRUXlCV01pQlFSRVpk=.cholecystectomies&QnVzaW5lc3MgQ2FyZCBEZXNpZ25lciBQcm8gNS40IENyYWNrQnV=perkin PDF link annotation

  • https://dallahcoffee.com/micro-scope-v16-quattro-diagnostic-suite-2/In PDF document text
  • https://movingbay.com/solucionariodealgebralinealgrossman6taediciongratiszip-top/In PDF document text
  • http://www.kiwitravellers2017.com/2022/09/12/work-crack-isobuster-2-4-portable-version/In PDF document text
  • http://moonreaderman.com/windows-live-messenger-2010-free-download-upd-full-version/In PDF document text
  • http://shop.chatredanesh.ir/?p=123982In PDF document text
  • https://liquidonetransfer.com.mx/?p=116025In PDF document text
  • https://brookstondesigns.com/wp-content/uploads/2022/09/Windows7OEMActivationBranderRelease2Orbit30rarhtml13.pdfIn PDF document text
  • https://www.infoslovakia.sk/wp-content/uploads/2022/09/YouTube_By_Click_Premium_2287_Full_Serial_Key_keygen.pdfIn PDF document text
  • https://superstitionsar.org/wp-content/uploads/2022/09/vyvigra.pdfIn PDF document text
  • https://bestrest.rest/wp-content/uploads/2022/09/gitexarr.pdfIn PDF document text
  • http://rootwordsmusic.com/2022/09/11/gpg-dragon-3-41b-top-cracked-without-a-box/In PDF document text
  • http://findmallorca.com/greater-than-gatsby-photoshop-actions-torrents/In PDF document text
  • http://www.kiochi.com/%product_category%/dawn-of-war-2-skill-points-cheatIn PDF document text
  • http://awaazsachki.com/?p=73153In PDF document text
  • https://djolof-assurance.com/wp-content/uploads/2022/09/PreSonus_Studio_One_Pro_4_Crack_Plus_Activation_Key_REPACK_Free.pdfIn PDF document text
  • https://diontalent.nl/2022/09/11/switchbotv5metin2-top/In PDF document text
  • https://expressionpersonelle.com/amibcp-v4-06rar-new/In PDF document text
  • https://imarsorgula.com/wp-content/uploads/2022/09/Cabo_do_Medo_Dublado_WWW_FIL_S_COM.pdfIn PDF document text
  • https://www.masiga.it/wp-content/uploads/2022/09/siredebo.pdfIn PDF document text
  • https://blessedtimony.com/wp-content/uploads/2022/09/Solicall_Pro_License_39.pdfIn PDF document text
  • http://www.tcpdf.orgIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://www.aiim.org/pdfa/ns/extension/In PDF document text
  • http://www.aiim.org/pdfa/ns/schema#In PDF document text
  • http://www.aiim.org/pdfa/ns/property#In PDF document text
  • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.