Malicious PDF — malware analysis report

Heuristics 4

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• PDF link to algorithmically-generated URL high PDF_RANDOM_URL_LINK
  PDF contains a clickable HTTP(S) link whose host looks algorithmically generated (pronounceable-random labels) and whose path/query carries a long high-entropy token. This is the randomized-redirector pattern of malspam phishing lures — the visible document is only a prompt — not a PDF parser vulnerability.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://evacdir.com/bm9zdGFsZSBib3QgbGVlcnRhc3RlIGZyZWUgZG93bmxvYWQbm9.ZG93bmxvYWR8azF1YVdzMlpIeDhNVFkxTkRrNE9URTJNbng4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA.forrested/garratt/hendry/grondona.paddings

  • https://emsalat.ru/wp-content/uploads/2022/06/raysilly.pdf
  • https://rookbrand.com/wp-content/uploads/2022/06/Real_Rape_Videos_Collectionrar.pdf
  • https://www.stayza.com/wp-content/uploads/2022/06/oswahiaw.pdf
  • https://touky.com/intimacy-2001-torrent-720p/
  • https://www.pokemythology.net/wp-content/uploads/2022/06/Microsoft_Visual_C_2019_Failed_To_Install_FREE.pdf
  • http://mein-portfolio.net/wp-content/uploads/2022/06/Generals_Zero_Hour_V104_No_Cd_Crack.pdf
  • https://defisociety.com/balsamiq-mockups-3-5-14-crack-with-license-key-best/
  • https://www.repaintitalia.it/new-free-download-echo-sound-system-software-for-pc/
  • https://rakyatmaluku.id/upload/files/2022/06/lM4lyu3UXWwNJkRw3AON_13_3ed34f696df8b0e40597558c41933b9d_file.pdf
  • https://waoop.com/upload/files/2022/06/9RtrBNSswWHdWISGDnnh_12_4dff74d31d8d34fc52384c6b151a9b08_file.pdf
  • https://canhotrongmo.com/freedownloadarchicad1632bit/
  • https://homedust.com/minecraftcavedenmapdownloadforpc/
  • https://csermoocf6ext.blog/wp-content/uploads/2022/06/the_descent_2_discesa_nelle_tenebre_ita_torrent.pdf
  • https://www.scalping.es/wp-content/uploads/2022/06/Getflv_9121_Registration_Codefull25.pdf
  • http://raga-e-store.com/wp-content/uploads/2022/06/Artificial_Academy_Hf_Patch_40.pdf
  • https://www.babygotbotcourses.com/wp-content/uploads/2022/06/wayallo.pdf
  • https://intrendnews.com/behringer-usb-audio-driver-free-obtain/
  • https://aalcovid19.org/wp-content/uploads/2022/06/Hero_No1_Movie_In_Hindi_Torrent_Download_BETTER.pdf
  • https://cosasparamimoto.club/light-wave-usb-2-0-tv-av-combo-lw-utv-rar/
  • https://bodhirajabs.com/malena-movie-download-exclusive-in-dual-audio-720p-movies/
  • http://www.tcpdf.org
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://www.aiim.org/pdfa/ns/extension/
  • http://www.aiim.org/pdfa/ns/schema#
  • http://www.aiim.org/pdfa/ns/property#
  • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.