Malicious PDF — malware analysis report

Static analysis result for SHA-256 cf7e252003de4359…

MALICIOUS

PDF

Size: 79.1 KB
Created: 2021-03-18 10:45:12 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: b3a5a25cc3929ae5fd4c39c4db088475
SHA-1: abcf562a38c9398b7907827824ce8dcbd6ca178e
SHA-256: cf7e252003de4359794db23af35e8d6d901fca80bc403791600e8e55bbf885fd
Risk Score: 156

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF contains numerous external links, many of which are part of a link farm designed to improve search engine rankings. The primary URL, 'https://jottigo.ru/award?keyword=brene+brown+boundaries+pdf', suggests a phishing or malware distribution lure. ClamAV and ML classifiers also flagged this PDF as malicious, indicating a high likelihood of malicious intent.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9642

Heuristics (5)

  • Small PDF contains mass external PDF link farm [critical] PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 [critical] CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • External URI [info] PDF_URI
    PDF contains an external URL action.
  • PDF differential parser failed [info] PDF_DIFFERENTIAL_PARSE_FAILED
    The cross-check parser (pdfminer.six) failed on this file: PDF differential parser failed: PDFSyntaxError. Static heuristics still ran and any of their findings above are valid; only the differential cross-check signal is missing.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    Primary URL: https://jottigo.ru/award?keyword=brene+brown+boundaries+pdf
    Other extracted URLs:
    • http://xufuzema.sportsontheweb.net/bwv_1064.pdf
    • http://muzomabavima.medianewsonline.com/jejavefalabezorutemige.pdf
    • http://pukebebizadolu.mypressonline.com/how_to_get_darkvision_5e.pdf
    • http://vugekowuzujed.scienceontheweb.net/hopper_reset_button.pdf
    • http://riniwodifole.medianewsonline.com/65814408906.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://s3.amazonaws.com/bededuxotulapil/calibre_automatically_metadata.pdf
    • https://e691ad07-92dc-45fa-af10-8929b4045ede.filesusr.com/ugd/87b9a8_21c3d1a2c97e491fad8bdb3c16392cd1.pdf?index=true
    • https://ef4b221f-cfb4-47e8-bf1d-3b5092770df7.filesusr.com/ugd/4948da_1ee54fa9643f41b3bdd778e00e421b63.pdf?index=true
    • http://jupevesu.atwebpages.com/mathematical_symbols_with_names.pdf
    • https://s3.amazonaws.com/wulagisi/addition_reaction_of_alkenes_chemguide.pdf
    • http://keregimuw.onlinewebshop.net/pobigobutexizefokirilaf.pdf
    • https://64e18f06-8a0e-4dc1-8427-9dd81b4bff36.filesusr.com/ugd/baa514_cfd35bedce8c4267bd35bb1c9deb8dfb.pdf?index=true
    • https://5fb42ee6-a9be-400a-98f2-f9d4b9f720c8.filesusr.com/ugd/1813b3_0c4035d947224d238a6b5dd5c0c587c6.pdf?index=true
    • http://luxupovokajaf.onlinewebshop.net/37770367091.pdf
    • https://4de1274e-a26b-4e71-a0d1-d86f0cfee7ee.filesusr.com/ugd/ee4d88_595c89f944d94781bbe9796e7ed07467.pdf?index=true
    • https://s3.amazonaws.com/toniseligiwuzux/le_petit_nicolas_film_en_entier_francais.pdf
    • http://xamukipadu.myartsonline.com/lightning_protection_system_design.pdf
    • https://s3.amazonaws.com/fadadedezeker/how_long_to_cook_chicken_kabobs_on_george_foreman_grill.pdf
    • https://s3.amazonaws.com/tonemakopinibem/85219426360.pdf
    • http://vepawipexujobok.epizy.com/unravel_me_lyrics_tokyo_ghoul.pdf
    • https://s3.amazonaws.com/jivala/chainsmokers_songs_list.pdf
    • http://futuwerelak.epizy.com/23872267950.pdf
    • https://s3.amazonaws.com/sakaburepagase/57743977106.pdf
    • http://scripts.sil.org/OFL

Extracted artifacts (2)

Files carved from inside the sample during analysis.

  • font_00_sfnt_off0000ffdf.bin
    SHA-256: 15488817d2d645becd3d84a5835908561f0e4648b102f8c45f07fc2a9927c12b
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xFFDF
    Size: 5284 bytes
  • font_01_sfnt_off000111f5.bin
    SHA-256: dd6975bd5324d4649cf7fdbb2deb271c301afff26bf3172cd2f419ab2a031514
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0x111F5
    Size: 11268 bytes