Malicious PDF — malware analysis report

Static analysis result for SHA-256 d598b7db043865bc…

Verdict: MALICIOUS
File type: PDF
Size: 18.6 KB
Created: 2020-10-28 15:47:58 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: 4924a37875074c80146ae3f6ca9a162d
SHA-1: f8b3fbac9dd268f878e0998781a7556a2dfe1982
SHA-256: d598b7db043865bc9b481040fd47740aaefcc151e021751db11cf24912b232d4
Risk Score: 172

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

This PDF is designed as a phishing lure, presenting itself as a user manual but containing a hidden clickable element. The primary heuristic indicates it's an image-only document with an action trigger, typical of a screenshot lure. It contains a critical finding of a malicious redirector link pointing to 'https://cctraff.ru/aws?keyword=point+click+care+user+manual', which likely serves as the initial stage for delivering a secondary payload or directing users to a phishing site. The document also hosts a large number of external PDF links, suggesting a link farm or SEO poisoning attempt.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9964

Heuristics (4)

  • [critical] PDF_MALICIOUS_REDIRECTOR_LINK: PDF links to known malicious redirector infrastructure
    PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
  • [critical] PDF_SEO_LINK_FARM: Small PDF contains mass external PDF link farm
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • [medium] PDF_IMAGE_LURE: Image-only document with action trigger (screenshot lure)
    PDF has 1 image(s), only 0 text block(s), carries a click-outward action, and is only 18 KB, the typical shape of a phishing lure where a full-page screenshot hides a clickable button that launches or submits to an attacker URL.
  • [info] EMBEDDED_URL: Embedded URL
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL: https://cctraff.ru/aws?keyword=point+click+care+user+manual