Malicious PDF — malware analysis report

Heuristics 3

• Image lure linking to an SEO redirector (free-download phishing) high PDF_SEO_UTM_REDIRECTOR_LINK
  PDF embeds an image with little or no body text and a clickable link to a multi-word utm_term / FeedBurner-proxied SEO redirector — the 'free ebook / solution-manual / document download' phishing family that ranks for natural-language search queries and routes the user into a payload/redirect chain. The PDF carries no exploit; the risk is the linked destination. Flagged structurally (image lure + SEO redirector) so it does not depend on a ClamAV/ML signature, and regardless of how many filler text pages the lure carries.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://tds.advtraff2014.ru/wp1?keyword=%D0%B3%D0%B4%D0%B7+%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9+6+%D0%BA%D0%BB%D0%B0%D1%81%D1%81+%D0%BB%D0%B0%D0%B4%D1%8B%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B0%D1%8F+%D0%B1%D0%B0%D1%80%D0%B0%D0%BD%D0%BE%D0%B2+%D1%82%D1%80%D0%BE%D1%81%D1%82%D0%B5%D0%BD%D1%86%D0%BE%D0%B2%D0%B0 PDF link annotation

  • http://tds.advtraff2014.ru/wp1?keyword=%D0%B3%D0%B4%D0%B7+%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9+6+%D0%BA%D0%BB%D0%B0%D1%81%D1%81+%D0%BB%D0%B0%D0%B4%D1%8B%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B0%D1%8F+%D0%B1%D0%B0%D1%80%D0%B0%D0%BD%D0%BE%D0%B2+%D1%82%D1%80%D0%BE%D1%81%D1%82%D0%B5%D0%BD%D1%86%D0%BE%DPDF link annotation
  • https://tibuxumaceseriri.files.wordpress.com/2018/04/gulinesudonulab-gdz-biologiia-9-klass-rabochaia-tetrad-ragasodexif.pdfIn PDF document text
  • https://img0.liveinternet.ru/images/attach/d/0//5918/5918121_wuzuxonadobereader2009downloadforwindows7free64bitsetupnet.pdfIn PDF document text
  • https://momuvagecisij.files.wordpress.com/2018/04/sesotin-algoritm-napisaniia-sochineniia-v-11-klasse-na-ege-bodudoxu.pdfIn PDF document text
  • https://jokomexuvicocari.files.wordpress.com/2018/04/kobotutiwapife-gdz-po-fizike-9-klass-peryshkin-2008-uchebnik-sejasusawekena.pdfIn PDF document text
  • https://cebokufe.files.wordpress.com/2018/04/romodub-sbornik-zadach-po-teorii-veroiatnostei-mukhin-smorkalova-reshebnik-taretotusuwide.pdfIn PDF document text
  • https://xafuqaniqehigib.files.wordpress.com/2018/04/lifegakem-gdz-po-russkomu-iazyku-8-klass-fgos-lvov-lvova-mobujege.pdfIn PDF document text
  • https://jokomexuvicocari.files.wordpress.com/2018/04/juvuverawaj-frants-8-klass-gdz-gumiku.pdfIn PDF document text
  • https://rimokuqubusatohop.files.wordpress.com/2018/04/movotunuvaxene-tsybulko-russkii-iazyk-2016-ege-onlain-chitat-besplatno-zebuva.pdfIn PDF document text
  • https://tibuxumaceseriri.files.wordpress.com/2018/04/guxafomuwode-gdz-po-matematike-6-klass-vilenkin-1577-weroleligirujeb.pdfIn PDF document text
  • https://cebokufe.files.wordpress.com/2018/04/vubab-6-kl-matematika-vilenkin-gdz-674-forovila.pdfIn PDF document text
  • https://img0.liveinternet.ru/images/attach/d/0//5906/5906208_kokoxegeporusskomuchtovkhoditwotud.pdfIn PDF document text
  • https://kugadicusevasejujek.files.wordpress.com/2018/04/tedarabole-zadachnik-po-algebre-8-klass-zvavich-reshebnik-rowutozulidix.pdfIn PDF document text
  • https://img0.liveinternet.ru/images/attach/d/0//5914/5914987_xamexgdzpoangliiskomu9klassnewopportunitieslanguagepowerbookfos.pdfIn PDF document text
  • http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.