Malicious PDF — malware analysis report

Static analysis result for SHA-256 6aee0eab4a942cc9…

Verdict: MALICIOUS
File type: PDF
Size: 66.7 KB
Created: 2021-06-01 05:55:25 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: de99c989878481611f98a951c150da05
SHA-1: 84daf8372160bcec03bd98e4cd61f0b5f6e6bc1f
SHA-256: 6aee0eab4a942cc99e2c20ee6a844dc72f30cb29902f2a132760df178c57f984
Risk score: 154

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment
T1059.007 JavaScript (note: none of the heuristics below reports JavaScript in this sample; every detection is URL-based, so treat this mapping as unconfirmed by the analysis shown here)

This PDF was flagged independently by a ClamAV signature, by the Nyx ML classifier (score 0.6162) and by the PDF_SEO_LINK_FARM heuristic. It is a small (66.7 KB) document generated with wkhtmltopdf that carries 28 external links, 13 of them to further PDFs on a single host (uploads.strikinglycdn.com), most of the rest to PDFs on similar site-builder upload paths (f-static.net, weebly.com, pbworks.com), plus one link to a .ru redirector whose utm_term parameter holds a search phrase. That pattern matches mass-generated SEO/link-farm PDFs used to funnel search traffic into unwanted-software or phishing delivery chains, not a genuine document with citations. Two of the extracted URLs (scripts.sil.org/OFL and www.ascendercorp.com) are font-license references that most likely come from the embedded font metadata rather than from clickable links, so they should not be counted as link-farm targets. No heuristic reports JavaScript, an embedded file or an exploit-style structure, so the risk lies in where the links lead rather than in the PDF parser surface itself.

Machine Learning

  • Nyx PDF Classifier malicious score 0.6162

Heuristics (4)

  • PDF_SEO_LINK_FARM (critical): Small PDF contains mass external PDF link farm
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • CLAMAV_DETECTION (critical): ClamAV signature Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
    ClamAV detected this file as malware under the signature name above.
  • PDF_URI (info): External URI action
    The PDF contains at least one /URI action (a clickable external link).
  • EMBEDDED_URL (info): Embedded URLs
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://ketchas.ru/pbw?utm_term=celebrad+a+cristo+torre+fuerte+letra
    • https://bitigufej.weebly.com/uploads/1/3/5/3/135337089/tuvajelina-jixomob.pdf
    • https://cdn-cms.f-static.net/uploads/4382780/normal_605afda0351fb.pdf
    • https://cdn-cms.f-static.net/uploads/4368222/normal_600fb779410e6.pdf
    • https://cdn-cms.f-static.net/uploads/4373271/normal_6026efa774560.pdf
    • https://cdn-cms.f-static.net/uploads/4476943/normal_6053c09bc6de9.pdf
    • https://keroxazoxap.weebly.com/uploads/1/3/4/8/134884937/wapujivu_safepirasuxo_ganulagifobuso_taliroxesako.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • http://wuxikadafi.pbworks.com/w/file/fetch/144420390/76751295618.pdf
    • http://bovojigu.pbworks.com/f/ratio_of_perimeter_and_area_of_similar_figures_worksheet_answers.pdf
    • http://zegugas.pbworks.com/w/file/fetch/144427839/how_to_prepare_for_interview_job.pdf
    • https://uploads.strikinglycdn.com/files/4fb91f00-4104-471c-aaf8-dcfd74ecc8a9/is_liftmaster_better_than_chamberlain.pdf
    • https://uploads.strikinglycdn.com/files/fc49e458-cf2d-4c2e-8c42-84da486329a1/fiviromure.pdf
    • https://uploads.strikinglycdn.com/files/1d8a31b3-88e9-4fb1-8c91-c4cc2d24acf8/honda_eu2000i_generator_low_oil_sensor.pdf
    • https://uploads.strikinglycdn.com/files/fac909a5-24b7-4fe9-a7cf-8553f463645c/nivepirewamomad.pdf
    • https://uploads.strikinglycdn.com/files/ff7c4157-3904-44e9-944a-979d4b8f8f34/pearson_algebra_1_common_core_textbook_answers.pdf
    • https://uploads.strikinglycdn.com/files/59a83d7e-2d90-4540-809e-8cec680d7474/detumusugurunufol.pdf
    • https://uploads.strikinglycdn.com/files/f760b9a6-4aaa-413c-9784-9064aaf81816/sozemoneji.pdf
    • https://uploads.strikinglycdn.com/files/fedc7eda-6ccc-4342-956c-654e878973ea/david_shafer_georgia.pdf
    • https://uploads.strikinglycdn.com/files/d72fa827-6520-4a41-a127-94080a8e1f77/kitchenaid_stove_top_replacement_knobs.pdf
    • https://uploads.strikinglycdn.com/files/b49205f0-f0eb-4519-b76c-790d08d3dd65/weruze.pdf
    • http://bupataved.pbworks.com/w/file/fetch/144419772/les_alphas_livre_du_maitre.pdf
    • http://kelivesas.pbworks.com/f/phoolon_ka_taron_ka_sabka_kehna_hai_female_song_download_mp3.pdf
    • https://uploads.strikinglycdn.com/files/3aee92f5-1460-42d2-b873-6cb405339425/45896743839.pdf
    • https://uploads.strikinglycdn.com/files/a2a10c1d-d380-4fb2-9d11-60611cfd660f/dog_mange_treatment_pets_at_home.pdf
    • https://uploads.strikinglycdn.com/files/577b8a50-afe9-47d6-ac4c-90cf93f92e21/english_composition_online_course.pdf
    • http://scripts.sil.org/OFL
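The PDF_SEO_LINK_FARM and EMBEDDED_URL entries above describe the test without showing it. The following is an added example, written for this page and not the analysis engine's own code, of the same idea: pull every /URI action out of the raw PDF bytes (the link-annotation channel only; JavaScript, XFA and body-text URLs would need separate extractors), group the targets by host, and fire when a small file has many external links concentrated on one host. The thresholds, the helper names and the sample URLs (reserved example/test hostnames) are assumptions made for the example.

```python
"""Added example, not the report generator's code: a PDF link-farm heuristic
in the spirit of PDF_SEO_LINK_FARM.  Thresholds, helper names and sample URLs
are assumptions chosen for illustration."""
import re
from collections import Counter
from urllib.parse import urlsplit

MAX_FARM_SIZE = 256 * 1024   # assumed: what counts as a "small PDF", in bytes
MIN_EXTERNAL_LINKS = 10      # assumed: "many clickable external links"
MIN_DOMINANT_SHARE = 0.40    # assumed: "mostly clustered on one host"

# A /URI action stores its target as a literal string (...) or a hex string <...>.
URI_RE = re.compile(rb"/URI\s*(?:\(((?:\\.|[^\\)])*)\)|<([0-9A-Fa-f\s]*)>)")
SIMPLE_ESC = {b"n": b"\n", b"r": b"\r", b"t": b"\t", b"(": b"(", b")": b")", b"\\": b"\\"}


def unescape_literal(raw: bytes) -> bytes:
    """Decode PDF literal-string escapes: \\( \\) \\\\ \\n \\r \\t and octal \\ddd."""
    out = bytearray()
    i = 0
    while i < len(raw):
        if raw[i:i + 1] != b"\\":
            out += raw[i:i + 1]
            i += 1
            continue
        nxt = raw[i + 1:i + 2]
        if nxt in SIMPLE_ESC:
            out += SIMPLE_ESC[nxt]
            i += 2
        elif nxt and nxt in b"01234567":          # up to three octal digits
            j = i + 1
            while j < len(raw) and j < i + 4 and raw[j:j + 1] in b"01234567":
                j += 1
            out.append(int(raw[i + 1:j], 8) & 0xFF)
            i = j
        else:                                      # unknown escape: drop the backslash
            out += nxt
            i += 2
    return bytes(out)


def extract_uri_actions(pdf: bytes) -> list[str]:
    """Every /URI action target in file order (link-annotation channel only)."""
    urls = []
    for lit, hexs in URI_RE.findall(pdf):
        if hexs:
            h = re.sub(rb"\s", b"", hexs)
            if len(h) % 2:                         # PDF pads an odd final digit with 0
                h += b"0"
            raw = bytes.fromhex(h.decode("ascii"))
        else:
            raw = unescape_literal(lit)
        urls.append(raw.decode("latin-1"))
    return urls


def link_farm_verdict(pdf: bytes) -> dict:
    """Apply the size / link-count / host-clustering test and return the evidence."""
    urls = extract_uri_actions(pdf)
    hosts: Counter = Counter()
    pdf_targets = 0
    for u in urls:
        try:
            p = urlsplit(u)
        except ValueError:                         # hostile input, e.g. a broken IPv6 literal
            continue
        if p.scheme in ("http", "https") and p.hostname:
            hosts[p.hostname.lower()] += 1
            pdf_targets += p.path.lower().endswith(".pdf")
    external = sum(hosts.values())
    top_host, top_n = hosts.most_common(1)[0] if hosts else ("", 0)
    share = top_n / external if external else 0.0
    fired = (len(pdf) <= MAX_FARM_SIZE and external >= MIN_EXTERNAL_LINKS
             and share >= MIN_DOMINANT_SHARE)
    return {"fired": fired, "size": len(pdf), "external_links": external,
            "pdf_targets": pdf_targets, "dominant_host": top_host,
            "dominant_share": round(share, 3), "hosts": dict(hosts)}


def build_sample_pdf(urls: list[str]) -> bytes:
    """Constructed input: a one-page PDF whose only content is one /Link annotation per URL."""
    def lit(s: str) -> str:
        return s.replace("\\", "\\\\").replace("(", "\\(").replace(")", "\\)")
    annots = " ".join(f"{4 + i} 0 R" for i in range(len(urls)))
    objs = [b"<< /Type /Catalog /Pages 2 0 R >>",
            b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
            f"<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] /Annots [{annots}] >>".encode()]
    objs += [f"<< /Type /Annot /Subtype /Link /Rect [0 {12 * i} 200 {12 * i + 12}] "
             f"/A << /S /URI /URI ({lit(u)}) >> >>".encode("latin-1") for i, u in enumerate(urls)]
    body = bytearray(b"%PDF-1.4\n")
    offsets = []
    for n, obj in enumerate(objs, 1):
        offsets.append(len(body))
        body += f"{n} 0 obj\n".encode() + obj + b"\nendobj\n"
    xref = len(body)
    body += f"xref\n0 {len(objs) + 1}\n0000000000 65535 f \n".encode()
    body += b"".join(f"{off:010d} 00000 n \n".encode() for off in offsets)
    body += f"trailer\n<< /Size {len(objs) + 1} /Root 1 0 R >>\nstartxref\n{xref}\n%%EOF\n".encode()
    return bytes(body)


# Constructed samples; hostnames are example/test names, not real sites.
FARM_URLS = ([f"https://uploads.cdn.example/files/{i:04x}/doc_{i}.pdf" for i in range(13)]
             + [f"http://site{i}.pbworks.example/f/notes_{i}.pdf" for i in range(6)]
             + ["https://ketchas.example/pbw?utm_term=some+search+phrase",
                "http://fonts.example/license"])
BENIGN_URLS = ["https://www.example.org/", "https://docs.example.net/guide.pdf",
               "mailto:author@example.org"]
FARM_PDF = build_sample_pdf(FARM_URLS)
BENIGN_PDF = build_sample_pdf(BENIGN_URLS)

if __name__ == "__main__":
    for name, sample in (("farm", FARM_PDF), ("benign", BENIGN_PDF)):
        print(name, link_farm_verdict(sample))
```

Running the block prints the verdict dictionary for the constructed farm sample (21 external links, 13 of them on one host, so the rule fires) and for the benign sample (two http(s) links, so it does not). Because the extractor works on raw bytes it also sees /URI actions in unreferenced or orphaned objects, which is what you want from a triage heuristic; it does not see targets hidden inside compressed object streams, so a production version would inflate /ObjStm bodies first.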

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename: font_00_sfnt_off0000e352.bin
  SHA-256: 484020a2f5dcdb45953ca53ecb5b2462a4b03ec0ce07dfa3f0987f15f269fcba
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xE352
  Size: 3984 bytes

Filename: font_01_sfnt_off0000f164.bin
  SHA-256: 3dedd446ee1d083a5f1293cb16569a0c8078c3d8c08af8bf461b2b5c581d594e
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xF164
  Size: 5060 bytes