Malicious PDF — malware analysis report

Static analysis result for SHA-256 6b9bf7a0a037b70d…

MALICIOUS

PDF

Size: 66.8 KB
Created: 2021-04-24 19:53:49 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: ee834c3aefe4aaf7e0b4e81da68c91ac
SHA-1: ec8c0ca8c5ea8fc4617cd72c0ee944eda9008d8e
SHA-256: 6b9bf7a0a037b70df06e7af1169af07813c8d263622577ed4defea1cd9c1be0b
Risk Score: 156

Malware Insights

MITRE ATT&CK

  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

This PDF file was flagged by multiple heuristics, including ClamAV and an ML classifier, as malicious. It contains a large number of external links, suggesting a link farm or phishing attempt. The primary malicious URL identified is https://crophysi.ru/strik. No scripts were extracted, but the PDF structure and numerous external links indicate a phishing or malicious redirection attempt.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9995

Heuristics (5)

  • Small PDF contains mass external PDF link farm (severity: critical, id: PDF_SEO_LINK_FARM)
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (severity: critical, id: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI (severity: info, id: PDF_URI)
    PDF contains an external URL action.
  • Object number defined twice with different bodies (severity: info, id: PDF_DUPLICATE_OBJ_BODY_INCREMENTAL)
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL (severity: info, id: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://crophysi.ru/strik?utm_term=maxwell+maltz+psycho+cybernetics+review

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename | SHA-256 | Kind | Source | Size
font_00_sfnt_off0000c885.bin | 7829788c3a3785eaffc6cadbed24215cdb12a580a9f8d82d317ab834c52946a5 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xC885 | 5692 bytes
font_01_sfnt_off0000dbe1.bin | 8759290750f5311f303f3b952af7bc0855e1dd682a17d30213856e6776fa8573 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xDBE1 | 9344 bytes