Malicious PDF — malware analysis report

Static analysis result for SHA-256 b99fe95bce6616ed…

Verdict: MALICIOUS
File type: PDF
Size: 55.8 KB
Created: 2020-09-19 00:17:15 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: feecb51e3c415f5aa42d04b4387beb30
SHA-1: 8bfa1c1808b1196e7f658c87e00342803954b443
SHA-256: b99fe95bce6616eda75066871f857feffd1bba1e979f64a18b104cb53a66ef3b
Risk score: 128

Malware Insights

MITRE ATT&CK: T1566.002 Spearphishing Attachment; T1059.001 PowerShell

The PDF contains numerous links, with one critical heuristic identifying a link to a known malicious redirector. The document body, though heavily obfuscated, contains text that appears to be a lure for a 'study guide' and includes the malicious URL. The presence of many external links suggests a link farm or SEO poisoning attempt, common in phishing campaigns.

Heuristics (4)

  • [critical] PDF_MALICIOUS_REDIRECTOR_LINK: PDF links to known malicious redirector infrastructure
    PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
  • [critical] PDF_SEO_LINK_FARM: Small PDF contains mass external PDF link farm
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • [low] SE_URGENCY_LURE: Urgency / deadline lure
    Document contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings.
  • [info] EMBEDDED_URL: Embedded URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL: https://ttraff.club/wix?keyword=best+chpn+study+guide

Extracted artifacts (2)

Files carved from inside the sample during analysis.

  • Filename: font_00_sfnt_off000099b9.bin
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0x99B9
    Size: 5148 bytes
    SHA-256: 31999c5ca85ad227cc56c408003ae50ac49e0c032d7023a08e83c7bbe4c96b0f
  • Filename: font_01_sfnt_off0000ab50.bin
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xAB50
    Size: 11472 bytes
    SHA-256: a3f169407d10b6d9e06d779e342ae3c42bc09b458ff37eea174a14babc0225a9