Malicious PDF — malware analysis report

Heuristics 4

• Fake 'free download' SEO-poisoning PDF critical PDF_SEO_FAKE_DOWNLOAD
  The ML classifier flagged this PDF AND it carries a visual download/call-to-action lure AND an off-domain server-side download-gateway link whose query string names a document payload. This three-signal conjunction is the fake-document / 'free PDF download' SEO-poisoning delivery pattern: the page is padded with benign decoy links to dilute classifier scores while funnelling the victim through the gateway to malware/scareware. Acting only on the conjunction keeps benign download-bearing PDFs from being misflagged.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://uncpbisdegree.com/download3.php?q=side-design-of-cards.pdf PDF link annotation

  • http://uncpbisdegree.com/download4.php?q=side-design-of-cards.pdfIn PDF document text
  • http://ui-patterns.com/patterns/cardsIn PDF document text
  • http://www.designawedding.net/In PDF document text
  • http://www.morningprint.com/finishing/finishing2.phpIn PDF document text
  • https://www.winkflash.com/photo-cardsIn PDF document text
  • http://mswordidcards.com/5-best-vertical-design-employee-id-cards/In PDF document text
  • http://www.delhiprinter.com/businesscards.phpIn PDF document text
  • http://www.ashbeedesign.com/2011/11/diy-christmas-cards-pierced-designs.htmlIn PDF document text
  • http://memorialprint.com/In PDF document text
  • http://logodesignerblog.com/creative-business-cards-design-inspiration/In PDF document text
  • http://www.makeplayingcards.com/design/custom-blank-card-traditional-size.htmlIn PDF document text
  • https://www.primoprint.com/business-cardsIn PDF document text
  • https://www.designeatrepeat.com/free-printable-recipe-cards/In PDF document text
  • https://www.gotprint.com/business-cards.htmlIn PDF document text
  • http://mswordidcards.com/8-best-professional-design-vertical-id-cards/In PDF document text
  • http://ivyjoy.com/printcards/printcards.htmlIn PDF document text
  • https://www.psprint.com/invitation-cardsIn PDF document text
  • http://www.printland.in/items/invitation-cards.htmlIn PDF document text
  • http://riverside-resort.net/1/wedding-card-template-free-download-psd.pdfIn PDF document text
  • http://riverside-resort.net/1/venezuela-a-question-and-answer-book-fact-finders.pdfIn PDF document text
  • http://uncpbisdegree.com/1/solution-manual-of-mechanical-vibration-thomson.pdfIn PDF document text
  • http://uncpbisdegree.com/1/student-solutions-manual-for-stewarts-multivariable-calculus-7th.pdfIn PDF document text
  • http://riverside-resort.net/1/volkswagen-golf-city-service-manual.pdfIn PDF document text
  • http://uncpbisdegree.com/1/soccer-game-length.pdfIn PDF document text
  • http://uncpbisdegree.com/1/the-coldest-war-milkweed-triptych-2-ian-tregillis.pdfIn PDF document text
  • http://uncpbisdegree.com/1/soccer-poems-with-alliteration.pdfIn PDF document text
  • http://uncpbisdegree.com/1/the-flow-of-complex-mixtures-in-pipes.pdfIn PDF document text
  • http://uncpbisdegree.com/1/the-churchill-factor-how-one-man-made-history.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • https://designmodo.com/web-design-cards/In PDF document text
  • http://www.fedex.com/us/office/designprint/businesscards.htmlIn PDF document text
  • https://www.amazon.com/Avery-Printable-Two-Side-Clean-Edge-05871/dp/B00006IBV3In PDF document text
  • https://www.amazon.com/b?ie=UTF8&node=1069664In PDF document text
  • https://www.amazon.com/Cards-Card-Stock/b?ie=UTF8&node=1069666In PDF document text
  • https://www.amazon.com/b?ie=UTF8&node=1069668In PDF document text
  • https://www.moo.com/uk/design-templates/business-cards/In PDF document text
  • https://www.moo.com/us/In PDF document text
  • https://www.tripadvisor.com/Hotel_Review-g187331-d232621-Reviews-SIDE_Design_Hotel_Hamburg-Hamburg.htmlIn PDF document text
  • https://www.tripadvisor.com/Tourism-g187275-Germany-Vacations.htmlIn PDF document text
  • https://www.tripadvisor.com/Tourism-g187331-Hamburg-Vacations.htmlIn PDF document text
  • https://www.tripadvisor.com/Hotels-g187331-Hamburg-Hotels.htmlIn PDF document text
  • https://www.zazzle.com/custom/playingcardsIn PDF document text
  • https://www.zazzle.com/custom/home+giftsIn PDF document text
  • https://www.zazzle.com/custom/toy+giftsIn PDF document text
  • https://design.cricut.com/In PDF document text
  • https://en.wikipedia.org/wiki/PostcardIn PDF document text
  • http://go.microsoft.com/fwlink/?LinkId=521839&CLCID=0409In PDF document text
  • http://go.microsoft.com/fwlink/?LinkID=246338&CLCID=0409In PDF document text

  +4 more URL(s)

Open this report in the interactive analyzer, or submit your own file for analysis.