Malicious PDF — malware analysis report

Static analysis result for SHA-256 d61fe938a0b1053f…

MALICIOUS

PDF

Size: 113.4 KB
Created: 2022-07-08 05:31:05 +00:00
Authoring application: illyfade (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: 45f64a7f4a92213cd76d6fba3ac09bf0
SHA-1: d4cc0f57d0ac0e7d17b7e0a86d1ea6b0afd044d6
SHA-256: d61fe938a0b1053fcc46ccd7ea4c2ac70f0318db745c915046d41c03360968e2
Risk Score: 104

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.001 PowerShell

The PDF file contains a large number of external links, many of which point to other PDF files hosted on various domains. This pattern is characteristic of a link farm or SEO-poisoning campaign: the document exists to be indexed and to route users into further malicious downloads or phishing pages rather than to convey content. The algorithmically generated redirector URL and the high density of external links point to intent to host or link to further malware. No scripts were extracted, and no readable text could be recovered from the document body; the T1059.001 (PowerShell) mapping above is therefore not backed by any extracted script and should be read as a tag for the wider delivery chain, not as behavior observed in this sample.

Machine Learning

  • Nyx PDF Classifier clean score 0.0187

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link to algorithmically-generated URL high PDF_RANDOM_URL_LINK
    PDF contains a clickable HTTP(S) link whose host looks algorithmically generated (pronounceable-random labels) and whose path/query carries a long high-entropy token. This is the randomized-redirector pattern of malspam phishing lures, in which the visible document is only a prompt; it is not a PDF parser vulnerability.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL
    • http://emailgoal.com/catalog/montmarte.fuchs/layoff/ZG93bmxvYWR8TXAzYURSaGRIeDhNVFkxTnpFNE5qazFOWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA.Y2l0eSBjYXIgZHJpdmluZyAxLjIuMiBzZXJpYWwga2V5Y2l/ramla/surcharge.unicefusa
    • https://www.olivegin.com/wp-content/uploads/2022/07/Kd_Max_Kitchen_Design_Software_UPD_Crack_Website.pdf
    • https://madeinamericabest.com/wp-content/uploads/2022/07/Solucionariodeanalisisvectorialmurrayrspiegelserieschaum-1.pdf
    • https://gsmile.app/upload/files/2022/07/ROlb9wNlJqSNF6npjmba_08_045a8a6663000df9bf7a7c8470905c9f_file.pdf
    • http://www.rathisteelindustries.com/wazzap-migrator-cracked-apk-for-android-hot/
    • http://chat.xumk.cn/upload/files/2022/07/QhFV4zRU4ZnEwJjOkhcd_08_045a8a6663000df9bf7a7c8470905c9f_file.pdf
    • https://www.gayleatherbiker.de/upload/files/2022/07/pzviFkmL6s6HUDBZTZyf_08_da1377ca758b1a0efc276c4c497cfa70_file.pdf
    • https://themesotheliomacancer.com/wp-content/uploads/2022/07/Amibcp_453.pdf
    • https://mandarininfo.com/corel-multi-products-keygen-by-blizzard-exclusive/
    • https://likesmeet.com/upload/files/2022/07/hj8LfcXOZdTlVAULLoOK_08_045a8a6663000df9bf7a7c8470905c9f_file.pdf
    • https://xplico.no/wp-content/uploads/2022/07/vray_material_library_download_free_torrent.pdf
    • https://theborejan.com/reloader-activator-3-4-download-latest-2020-office-windows-activator-hot/
    • http://montehogar.com/?p=32504
    • https://vkraini.com/upload/files/2022/07/YqTGgg3bEe22Ehm8JC2w_08_da1377ca758b1a0efc276c4c497cfa70_file.pdf
    • https://ledlights.blog/wp-content/uploads/2022/07/manell.pdf
    • http://itkursove.bg/wp-content/uploads/2022/07/RadioBOSS_Advanced_5607_Crack_NEW.pdf
    • http://xn----7sbahcaua4bk0afb7c9e.xn--p1ai/wp-content/uploads/2022/07/Himala_Miracle_1982_Restored_Version_2012_720p_DVDRip_Elitep.pdf
    • https://mandarinrecruitment.com/system/files/webform/kode-aktivasi-camfrog-pro-63-free-full-download-crack-21.pdf
    • https://recreovirales.com/wp-content/uploads/2022/07/hedgulul.pdf
    • https://linguistics.washington.edu/system/files/webform/crack-autodesk-autocad-201802-final-x86-x64-keygen.pdf
    • https://www.engr.uky.edu/system/files/webform/chabour729.pdf
    • http://www.tcpdf.org
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://www.aiim.org/pdfa/ns/extension/
    • http://www.aiim.org/pdfa/ns/schema#
    • http://www.aiim.org/pdfa/ns/property#
    • http://www.aiim.org/pdfa/ns/id/
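The two link heuristics above (PDF_SEO_LINK_FARM and PDF_RANDOM_URL_LINK) can be reproduced over this URL list with a short triage script. The script below is an added example written for this page, not the scanner's own code; it embeds a constructed subset of the URLs listed above so it runs offline, and its thresholds (24-character minimum token length, 4.5 bits/char entropy cut-off, 5 links for a farm) are assumptions, not the scanner's tuning. It makes three points the raw listing does not: the last ten entries in the list (RDF, Dublin Core, XMP and PDF/A namespace identifiers, plus the TCPDF producer URL) are metadata every TCPDF-generated document carries and must be excluded before counting hyperlinks; the upload-site links share 32-hex file identifiers (045a8a66… on three hosts, da1377ca… on two), which is a pivot for finding the rest of the campaign; and the emailgoal.com redirector path is base64, decoding to a "download|" envelope followed by the lure subject "city car driving 1.2.2 serial key", consistent with the cracked-software theme of the other links.

```python
import base64
import binascii
import math
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed sample: a subset of the URLs listed in this report, transcribed
# here so the script runs offline. The last four are XMP namespace identifiers
# and the TCPDF producer URL, not clickable links.
EXTRACTED_URLS = [
    "http://emailgoal.com/catalog/montmarte.fuchs/layoff/ZG93bmxvYWR8TXAzYURSaGRIeDhNVFkxTnpFNE5qazFOWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA.Y2l0eSBjYXIgZHJpdmluZyAxLjIuMiBzZXJpYWwga2V5Y2l/ramla/surcharge.unicefusa",
    "https://www.olivegin.com/wp-content/uploads/2022/07/Kd_Max_Kitchen_Design_Software_UPD_Crack_Website.pdf",
    "https://gsmile.app/upload/files/2022/07/ROlb9wNlJqSNF6npjmba_08_045a8a6663000df9bf7a7c8470905c9f_file.pdf",
    "http://chat.xumk.cn/upload/files/2022/07/QhFV4zRU4ZnEwJjOkhcd_08_045a8a6663000df9bf7a7c8470905c9f_file.pdf",
    "https://likesmeet.com/upload/files/2022/07/hj8LfcXOZdTlVAULLoOK_08_045a8a6663000df9bf7a7c8470905c9f_file.pdf",
    "https://www.gayleatherbiker.de/upload/files/2022/07/pzviFkmL6s6HUDBZTZyf_08_da1377ca758b1a0efc276c4c497cfa70_file.pdf",
    "https://vkraini.com/upload/files/2022/07/YqTGgg3bEe22Ehm8JC2w_08_da1377ca758b1a0efc276c4c497cfa70_file.pdf",
    "https://linguistics.washington.edu/system/files/webform/crack-autodesk-autocad-201802-final-x86-x64-keygen.pdf",
    "https://theborejan.com/reloader-activator-3-4-download-latest-2020-office-windows-activator-hot/",
    "http://www.tcpdf.org",
    "http://www.w3.org/1999/02/22-rdf-syntax-ns#",
    "http://ns.adobe.com/xap/1.0/",
    "http://www.aiim.org/pdfa/ns/id/",
]

# Prefixes of URIs that PDF/XMP metadata carries by design; they must not be
# counted as hyperlinks when sizing a link farm.
METADATA_URI_PREFIXES = (
    "http://www.w3.org/1999/02/22-rdf-syntax-ns",
    "http://purl.org/dc/",
    "http://ns.adobe.com/",
    "http://www.aiim.org/pdfa/",
    "http://www.tcpdf.org",
)

# Thresholds are assumptions for this example, not the scanner's tuning.
MIN_TOKEN_LEN = 24        # shortest [A-Za-z0-9] run worth scoring
MIN_TOKEN_ENTROPY = 4.5   # bits/char; a 32-char hex digest cannot exceed 4.0
MIN_FARM_LINKS = 5


def is_metadata_uri(url):
    return url.startswith(METADATA_URI_PREFIXES)


def shannon_entropy(text):
    """Bits per character of the empirical symbol distribution of text."""
    counts = Counter(text)
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def decode_base64_token(token):
    """Pad and base64-decode a URL token; return ASCII text, or None if it is not plausible text."""
    padded = token + "=" * (-len(token) % 4)
    try:
        raw = base64.b64decode(padded)
    except (binascii.Error, ValueError):
        return None
    if not raw:
        return None
    printable = sum(0x20 <= b < 0x7F for b in raw)
    if printable / len(raw) < 0.9:
        return None
    return raw.decode("ascii", errors="replace")


def analyze_links(urls):
    """Apply the link-farm and random-token checks the report's heuristics describe."""
    links = [u for u in urls if not is_metadata_uri(u)]
    hosts = Counter(urlparse(u).hostname for u in links)

    # The same 32-hex file identifier uploaded under different hosts means one
    # campaign with many mirrors: record which hosts share each identifier.
    shared = {}
    for u in links:
        parsed = urlparse(u)
        for digest in re.findall(r"[0-9a-f]{32}", parsed.path):
            shared.setdefault(digest, set()).add(parsed.hostname)
    shared = {d: sorted(h) for d, h in shared.items() if len(h) > 1}

    # Long, high-entropy alphanumeric runs in the path are the redirector
    # token pattern; decode them so the analyst sees the lure subject.
    tokens = []
    for u in links:
        for tok in re.findall(r"[A-Za-z0-9]{%d,}" % MIN_TOKEN_LEN, urlparse(u).path):
            ent = shannon_entropy(tok)
            if ent >= MIN_TOKEN_ENTROPY:
                tokens.append({"url": u, "token": tok, "entropy": round(ent, 2),
                               "decoded": decode_base64_token(tok)})

    return {
        "hyperlinks": len(links),
        "distinct_hosts": len(hosts),
        "link_farm": len(links) >= MIN_FARM_LINKS,
        "shared_upload_ids": shared,
        "random_tokens": tokens,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(analyze_links(EXTRACTED_URLS), indent=2))
```

Run it as-is to get a JSON summary; feed it the full URL list from a PDF parser's link-annotation output to triage a new sample. The entropy gate deliberately sits above 4.0 bits so that hex digests (16-symbol alphabet) never trigger the random-token check, while base64 redirector tokens (this sample's scores above 4.7) do.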