Malicious PDF — malware analysis report

Heuristics 4

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
  PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://signforcover.com/bundling/ZG93bmxvYWR8TEgzTWpsdmRYeDhNVFkxTnpJM05EUTVPWHg4TWpVNU1IeDhLRTBwSUZkdmNtUndjbVZ6Y3lCYldFMU1VbEJESUZZeUlGQkVSbDA/hangout.honing?selye=&preoperatively=Qnl0ZXNjb3V0IFBERiBWaWV3ZXIQnl.dupret PDF link annotation

  • http://scenariotourism.com/2022/07/08/automailmerge-plug-in-for-adobe-acrobat-crack-for-pc/In PDF document text
  • http://orbeeari.com/?p=38939In PDF document text
  • https://inboxagency.sk/wp-content/uploads/2022/07/pallan.pdfIn PDF document text
  • https://ig-link.com/power-gif-optimizer-crack-license-code-keygen-download-pc-windows/In PDF document text
  • https://hochzeiten.de/wp-content/uploads/2022/07/XDBF_Manager_Torrent_Activation_Code_WinMac.pdfIn PDF document text
  • https://www.icmgpartners.com/wp-content/uploads/2022/07/Hotkeys.pdfIn PDF document text
  • https://mypartcar.com/jeoe-note-crack-updated-2022/In PDF document text
  • https://aposhop-online.de/2022/07/08/mstex-previously-mstartex-registration-code-free-latest/In PDF document text
  • https://abkoutlet.com/wp-content/uploads/2022/07/junbri.pdfIn PDF document text
  • https://dogrywka.pl/esbunitconv-portable-crack-serial-key-download-2022-new/In PDF document text
  • https://luxvideo.tv/2022/07/08/shut-down-expert-5-15-free-download-final-2022/In PDF document text
  • https://marketstory360.com/news/53441/meditex-ivf-for-windows-2022/In PDF document text
  • http://it-labx.ru/?p=67969In PDF document text
  • https://subsidiosdelgobierno.site/wp-content/uploads/2022/07/nichal.pdfIn PDF document text
  • http://www.intersections.space/wp-content/uploads/2022/07/button_icons_pack.pdfIn PDF document text
  • https://weekvanhetnederlands.org/wp-content/uploads/2022/07/benyfay.pdfIn PDF document text
  • https://www.lynnlevinephotography.com/f4vpostprocessor-crack-registration-code/In PDF document text
  • https://aposhop-online.de/2022/07/08/power-cart-manager-free-latest/In PDF document text
  • https://www.filmwritten.org/?p=20204In PDF document text
  • https://shanajames.com/2022/07/08/ofx2pdf-9-0-470-crack-with-full-keygen-free-download/In PDF document text
  • https://hochzeiten.de/wp-In PDF document text
  • http://www.tcpdf.orgIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://www.aiim.org/pdfa/ns/extension/In PDF document text
  • http://www.aiim.org/pdfa/ns/schema#In PDF document text
  • http://www.aiim.org/pdfa/ns/property#In PDF document text
  • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.