Malicious PDF — malware analysis report

Heuristics 3

• Small PDF is a non-clustered link farm on disposable hosting medium PDF_SEO_DISPOSABLE_LINK_FARM
  Small PDF contains many clickable external PDF links spread thin across many distinct hosts (no single dominant host), corroborated by a utm_term SEO-redirector link and/or links parked on free/disposable content hosts. This is the 'free document/template' SEO phishing PDF family, which ranks for search queries and routes users into payload/redirect chains, rather than a normal document citation pattern. The PDF itself carries no exploit — the risk is the linked destinations.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://golowaki.ru/aws?utm_term=vizio+e32-c1+remote+not+working PDF link annotation

  • http://megazoni.iblogger.org/avicii_wake_me_up_song_video.pdfIn PDF document text
  • http://bizbize-yeteriz.org/343418218840mpcu.pdfIn PDF document text
  • https://joruluzadazalit.weebly.com/uploads/1/3/4/6/134673717/0fadffd017c7a.pdfIn PDF document text
  • http://swiss-gear-top.xyz/itouch_air_smart_watch_manualvzlbx.pdfIn PDF document text
  • http://reduslim-buy.site/washington_state_covid_numbersievqk.pdfIn PDF document text
  • https://sepuzudagek.weebly.com/uploads/1/3/5/3/135329554/6310707.pdfIn PDF document text
  • http://hookup668.site/as_a_man_thinketh_chapter_summariesmuj4e.pdfIn PDF document text
  • http://zalavsky.ru/223755269088emsn.pdfIn PDF document text
  • http://vuxokiwi.22web.org/blue_jackets_vs_blackhawks_prediction_1_31_21.pdfIn PDF document text
  • https://vuwisirikufav.weebly.com/uploads/1/3/4/7/134765545/xikoxom-bipepe.pdfIn PDF document text
  • http://hayatevesigar.online/52965025315jtyqu.pdfIn PDF document text
  • http://erkutungotu.com/loescher_grammatica_italianayn4je.pdfIn PDF document text
  • https://todijaxazifaro.weebly.com/uploads/1/3/4/3/134342800/jokenowulogaberinoju.pdfIn PDF document text
  • https://rakulemiz.weebly.com/uploads/1/3/2/6/132682689/bezirezulanorud.pdfIn PDF document text
  • http://zibanozoxepezu.iblogger.org/dd_character_dice_roller.pdfIn PDF document text
  • http://winsl.space/nobodoxuxuxufudeskd2z7.pdfIn PDF document text
  • https://nusisudarebo.weebly.com/uploads/1/3/4/3/134349377/mekirewelezu_pavokuf_jolupafaw_sagobefinabebaw.pdfIn PDF document text
  • https://xadenekowote.weebly.com/uploads/1/3/0/7/130776743/1169d.pdfIn PDF document text
  • http://natural-shop.info/6646848946109k45.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • http://rigexeleza.rf.gd/1375941385.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/81dbc943-f6a9-473a-8d73-976a18a7cb3c/26716140092.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/f9daa461-cf6e-4ad8-adce-80a5f4f2f6d9/kenmore_series_100_washer_error_codes.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/70346f66-5e81-4cf1-9378-b273f07de667/dd_3.5_spells_by_level.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/85563c6f-101f-4cd5-9491-8f5584dbed62/is_sat_subject_test_required_for_mit.pdfIn PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.