Malicious PDF — malware analysis report

Heuristics 3

• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://siteslocate.com/citizenship.demerit?ZGlhYmxvIDIgcGVyZmVjdCBkcm9wIG1vZCBjdWJlIHJlY2lwZXMZGl=ZG93bmxvYWR8RFgyTlc4MU1IeDhNVFkxTnpFNE5qazFOWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA&mangroves=inculcated

  • https://baukultur.plus/wp-content/uploads/2022/07/PC_Sexy_Beach_3_Plus_414_Mods_And_Addons_Hentai_ENGtrmdsf.pdf
  • https://www.town.lynnfield.ma.us/sites/g/files/vyhlif3391/f/uploads/field_use_regulations.pdf
  • http://www.studiofratini.com/s5-s7-for-windows-link-crack-key/
  • http://www.hva-concept.com/iobit-start-menu-8-pro-5-2-0-2-with-serial-key/
  • https://www.prarthana.net/pra/novation-bass-station-vsti-v1-6-full-download-updated/
  • https://ead.institutoinsigne.com.br/blog/index.php?entryid=8111
  • https://agg-net.com/files/aggnet/webform/autocad-mechanical-2018-crack-free-download.pdf
  • https://darblo.com/gestion-comunidad-de-vecinos-2-40-serial-full/
  • https://www.conroyremovals.com.au/system/files/webform/careers/unlock-phone-codes-free-nokia.pdf
  • https://omidsoltani.ir/250355/account-hacker-v3-9-9-activation-code-crack-hot.html
  • https://wanoengineeringsystems.com/swar-systems-swarplug-vsti-v1-0h2o-torrent/
  • https://alafdaljo.com/band-baaja-baaraat-movie-hot-download-kickass/
  • https://www.mil-spec-industries.com/system/files/webform/ushtrime-ne-mikroekonomirarzip.pdf
  • http://jwbotanicals.com/activation-id-for-srs-hd-audio-lab-patched/
  • https://aboe.vet.br/advert/jetbrains-webstorm-2018-2-5-high-quality-crack-high-quality-cracksmind-serial-key-keygen/
  • http://www.strelkabrno.cz/advert/crack-daemon-tools-pro-7-1-0-0595-crack-hot/
  • https://www.gayleatherbiker.de/upload/files/2022/07/PNxcLXX7Oa3WQTlDMDpa_07_c28c654e38d3be0d915b5391b4febf6f_file.pdf
  • https://coopdespensasolidaria.com/hd-online-player-sachin-a-billion-dreams-hindi-movi-link/
  • https://www.gayleatherbiker.de/upload/files/2022/07/lexB7Qadvb6r4JHipeKD_07_461c2f911692fba3cf9422015d975bbe_file.pdf
  • https://baukultur.plus/wp-
  • https://www.conroyremovals.com.au/system/files/webform/careers/unlock-phone-codes-free-
  • https://aboe.vet.br/advert/jetbrains-webstorm-2018-2-5-high-quality-crack-high-quality-cracksmind-
  • https://www.gayleatherbiker.de/upload/files/2022/07/PNxcLXX7Oa3WQTlDMDpa_07_c28c654e38d3b
  • https://www.gayleatherbiker.de/upload/files/2022/07/lexB7Qadvb6r4JHipeKD_07_461c2f911692fba3c
  • https://mentorthis.s3.amazonaws.com/upload/files/2022/07/BUj8vTNtklWzpODDPa7J_07_c28c654e38d3be0d915b5391b4febf6f_file.pdf
  • http://www.tcpdf.org
  • https://mentorthis.s3.amazonaws.com/upload/files/2022/07/BUj8vTNtklWzpODDPa7J_07_c28c654e38
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://www.aiim.org/pdfa/ns/extension/
  • http://www.aiim.org/pdfa/ns/schema#
  • http://www.aiim.org/pdfa/ns/property#
  • http://www.aiim.org/pdfa/ns/id/

Open this report in the interactive analyzer, or submit your own file for analysis.