Malicious PDF — malware analysis report

Heuristics 3

• PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINK
  PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://ggtraff.ru/aws?keyword=catecismo+da+igreja+cat%25C3%25B3lica+pdf+baixar In PDF document text

  • https://cdn-cms.f-static.net/uploads/4374359/normal_5f92f99704da4.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4366984/normal_5f90a26a3a981.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4385848/normal_5f9639a59ea9a.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4369310/normal_5f886c3484d7e.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4384150/normal_5f93bede64b53.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4365547/normal_5f8934423846d.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4393904/normal_5f943aa2264b4.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4366659/normal_5f8e1763124e5.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4393035/normal_5f91b7c4c7cc7.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4370275/normal_5f8d89b822739.pdfIn PDF document text
  • https://tixovokibena.weebly.com/uploads/1/3/4/1/134109053/3139752.pdfIn PDF document text
  • https://tivaxuxilo.weebly.com/uploads/1/3/4/1/134131375/natuzogor.pdfIn PDF document text
  • https://jimigafekalese.weebly.com/uploads/1/3/1/4/131407537/xivilosiguvukuj_mogesebal_kepitasumupis.pdfIn PDF document text
  • https://tedumuwoke.weebly.com/uploads/1/3/1/3/131397970/lumitimuveni.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0497/6050/1921/files/webinar_app_for_android.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0493/1131/8182/files/2943097344.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0266/8855/3131/files/the_fixer_book.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0498/7309/2766/files/divided_kingdom_bible.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0433/5176/9256/files/kawirenewiwopomuve.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/5de58961-1c63-4f22-a917-f2094ee57f9a/53789712502.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/920e94ad-a94f-48af-8ac7-e445ac2e58a0/37879288167.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/f26b65f9-31bd-4520-8593-4bed32cf03cf/zindagi_pyar_ka_geet_hai_kishore_kum.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/8d92a4cd-5dab-483f-b746-508cb27150b4/nordictrack_asr_630_dimensions.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/9b24f4be-c0f0-4fe1-8ca5-02c96acf3869/46604292045.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/5f9d04fe-5cb9-478e-b367-687a424a39be/dilaxifuwusav.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/c992b9d6-955b-4a4b-8ac0-9af1991fd455/17438134765.pdfIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.