Malicious PDF — malware analysis report

Static analysis result for SHA-256 d82400a5c24002bc…

MALICIOUS

PDF

Size: 47.4 KB
Created: 2021-06-08 17:50:25 +07:00
Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7)
MD5: 51cbf10ed387de7c438fc76b2050bd72
SHA-1: a399b915c705fe633541039df3ac7c8ef68360e1
SHA-256: d82400a5c24002bc107f83f3b3520dc3b3efff7f75c4e475012f3891b4d96ca5
Risk score: 142

Malware Insights

MITRE ATT&CK
  • T1566.001 Phishing: Spearphishing Attachment
  • T1204.001 User Execution: Malicious Link

The PDF carries 22 extracted URLs, 20 of which point to a single host (zbych-pol.pl) under a WordPress uploads directory (/wp-content/uploads/fsqm-files/), each naming a further PDF with a game-cheat slug and a _GM<id> suffix. That is a generated link farm built to boost search ranking, not a normal citation pattern. One further link goes to an app path on netcdn.tw; the remaining link (the Wikipedia MIT License page) is unrelated and consistent with a boilerplate HTML template rendered through wkhtmltopdf. The document also shows a fake CAPTCHA or human-verification prompt to get the reader to click. None of the listed heuristics report JavaScript, a Launch action or an embedded file, so the risk lies in where the links lead: SEO spam pages for game cheats and hacks, which can route users into unwanted-software delivery chains. The two link-target hosts are the actionable indicators.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9832

Heuristics (5)

  • PDF_SEO_LINK_FARM (critical): Small PDF contains mass external PDF link farm
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • SE_FAKE_CAPTCHA (high): Fake CAPTCHA / human verification prompt
    Document displays a fake CAPTCHA or human-verification prompt, a lure used to trick users into running commands or pressing keyboard shortcuts.
  • SE_DOWNLOAD_BUTTON (low): Visual download / call-to-action button lure
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.). Low-signal unless other findings point to a malicious workflow.
  • PDF_URI (info): External URI
    PDF contains an external URL action.
  • EMBEDDED_URL (info): Embedded URL
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://netcdn.tw/app/431946152/how-to-get-1-million-robux-hack-by-inspecting-robux-game-hack
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/free-roblox-girl-accounts-with-robux_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/coin-master-15-free-spin-link-of-last-5-days_GM406889139.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/rare-roblox-hacked-face_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/how-to-get-free-spins-on-coin-master_GM406889139.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/free-robux-generator-tool-download_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/free-promo-codes-for-robux_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/coin-master-free-blogspot_GM406889139.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/hack-tool-roblox-pokemon-adventures_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/como-desbloquear-un-cuenta-hackeada-de-roblox_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/minecraft-online-free-no-download_GM479516143.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/is-minecraft-free-on-pc_GM479516143.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/how-to-speed-hack-in-swordburst-2-in-roblox-2021_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/free-superhero-roblox_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/roblox-robux-generator-tool-2021-robux-hack-robux-free_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/coin-master-free-spin-codes_GM406889139.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/coin-master-free-spins-link-2021_GM406889139.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/free-robux-for-tablet-pro_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/cruise-ship-tycoon-hack-roblox_GM431946152.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/tiktok-followers-for-free_GM835599320.pdf
    • https://zbych-pol.pl/wp-content/uploads/fsqm-files/roblox-cheat-engine-the-streets_GM431946152.pdf
    • http://en.wikipedia.org/wiki/MIT_License
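The PDF_SEO_LINK_FARM heuristic above and the FlateDecode stream carving in the extracted-artifacts section below can both be reproduced at byte level. The script that follows is an added example, not the analyzer's own code: it inflates every zlib stream in the file, pulls every /URI link action out of the raw bytes and the inflated streams, groups the targets by host, and applies the three signals the heuristic names (small file, many external links, most of them on one host). The thresholds, the `*.example` hostnames and the sample PDF it builds are assumptions for illustration, not data from the analysed sample.

```python
"""Reproduce the PDF_SEO_LINK_FARM check and FlateDecode stream carving at byte level.

Added example, not the analyzer's own code. Thresholds, hostnames and the
constructed sample PDF are assumptions for illustration.
"""
import re
import zlib
from collections import Counter
from urllib.parse import urlsplit

# /URI followed by a literal string ( ... ) or a hex string < ... >.
# Literal strings may contain escaped parentheses, so the body is "escape or non-)".
URI_LITERAL = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)", re.DOTALL)
URI_HEX = re.compile(rb"/URI\s*<([0-9A-Fa-f\s]*)>")
# 'stream' keyword, EOL, data, one EOL char, 'endstream' (data keeps a stray CR; zlib tolerates it).
STREAM = re.compile(rb"stream\r?\n(.*?)[\r\n]endstream", re.DOTALL)


def unescape_literal(raw: bytes) -> bytes:
    """Undo PDF literal-string escapes: \\( \\) \\\\ \\n \\r \\t and octal \\ddd."""
    out, i = bytearray(), 0
    while i < len(raw):
        if raw[i] == 0x5C and i + 1 < len(raw):          # backslash
            nxt = raw[i + 1]
            if nxt in b"01234567":                         # octal escape, up to 3 digits
                j = i + 1
                while j < min(len(raw), i + 4) and raw[j] in b"01234567":
                    j += 1
                out.append(int(raw[i + 1:j], 8) & 0xFF)
                i = j
            else:
                out.append({0x6E: 0x0A, 0x72: 0x0D, 0x74: 0x09}.get(nxt, nxt))
                i += 2
        else:
            out.append(raw[i])
            i += 1
    return bytes(out)


def flate_streams(pdf: bytes) -> list[tuple[int, bytes]]:
    """Carve every stream that inflates as a complete zlib stream: (data offset, inflated bytes)."""
    found = []
    for m in STREAM.finditer(pdf):
        d = zlib.decompressobj()
        try:
            data = d.decompress(m.group(1))
        except zlib.error:
            continue  # not a zlib stream; its raw bytes are scanned anyway
        if d.eof:     # complete stream (a trailing CR before 'endstream' is ignored as surplus)
            found.append((m.start(1), data))
    return found


def extract_uris(pdf: bytes) -> list[str]:
    """Every /URI target in the raw file plus inside inflated FlateDecode streams."""
    blobs = [pdf] + [data for _, data in flate_streams(pdf)]
    uris = []
    for blob in blobs:
        for m in URI_LITERAL.finditer(blob):
            uris.append(unescape_literal(m.group(1)).decode("latin-1"))
        for m in URI_HEX.finditer(blob):
            digits = re.sub(rb"\s", b"", m.group(1))
            digits += b"0" if len(digits) % 2 else b""   # PDF pads an odd final hex digit with 0
            uris.append(bytes.fromhex(digits.decode("ascii")).decode("latin-1"))
    return uris


def link_farm_score(pdf: bytes, max_size=200_000, min_links=10, host_share=0.8) -> dict:
    """Apply the heuristic's three signals. Thresholds are assumed, not the analyzer's."""
    external = [u for u in extract_uris(pdf) if urlsplit(u).scheme in ("http", "https")]
    hosts = Counter(urlsplit(u).hostname or "" for u in external)
    top_host, top_n = hosts.most_common(1)[0] if hosts else ("", 0)
    signals = {
        "small_file": len(pdf) <= max_size,
        "many_external_links": len(external) >= min_links,
        "one_host_dominates": bool(external) and top_n >= host_share * len(external),
    }
    return {
        "size": len(pdf), "external_links": len(external), "distinct_hosts": len(hosts),
        "top_host": top_host, "top_host_links": top_n,
        "pdf_targets": sum(urlsplit(u).path.lower().endswith(".pdf") for u in external),
        "signals": signals, "link_farm": all(signals.values()),
    }


def build_sample_pdf(urls, hidden_urls=()) -> bytes:
    """Constructed input (not the analysed sample): one page with a /Link annotation per URL,
    plus an optional FlateDecode stream holding hex-encoded /URI actions, which mimics link
    actions tucked inside compressed objects."""
    objs = [b"<< /Type /Catalog /Pages 2 0 R >>", b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>"]
    annots = b" ".join(b"%d 0 R" % (4 + i) for i in range(len(urls)))
    objs.append(b"<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] /Annots [" + annots + b"] >>")
    for u in urls:
        esc = u.encode("latin-1").replace(b"\\", b"\\\\").replace(b"(", b"\\(").replace(b")", b"\\)")
        objs.append(b"<< /Type /Annot /Subtype /Link /Rect [0 0 100 20] /A << /S /URI /URI (" + esc + b") >> >>")
    if hidden_urls:
        inner = b" ".join(b"<< /S /URI /URI <" + u.encode("latin-1").hex().encode() + b"> >>" for u in hidden_urls)
        data = zlib.compress(inner)
        objs.append(b"<< /Filter /FlateDecode /Length %d >>\nstream\n" % len(data) + data + b"\nendstream")
    out, offsets = bytearray(b"%PDF-1.4\n"), []
    for n, body in enumerate(objs, 1):
        offsets.append(len(out))
        out += b"%d 0 obj\n" % n + body + b"\nendobj\n"
    xref = len(out)
    out += b"xref\n0 %d\n0000000000 65535 f \n" % (len(objs) + 1)
    out += b"".join(b"%010d 00000 n \n" % o for o in offsets)
    out += b"trailer\n<< /Size %d /Root 1 0 R >>\nstartxref\n%d\n%%%%EOF\n" % (len(objs) + 1, xref)
    return bytes(out)


# Constructed sample modelled on the report's pattern: 11 farm links to one host,
# two stray hosts, and one farm link hidden inside a compressed stream.
SAMPLE_URLS = [f"https://farm.example/wp-content/uploads/free-spins-{i:02d}_GM{i}.pdf" for i in range(1, 12)]
SAMPLE_URLS += ["https://cdn.example/app/1/how-to-get-free-robux", "https://other.example/wiki/License"]
SAMPLE_PDF = build_sample_pdf(SAMPLE_URLS, ["https://farm.example/wp-content/uploads/hidden_GM99.pdf"])

if __name__ == "__main__":
    for key, value in link_farm_score(SAMPLE_PDF).items():
        print(f"{key}: {value}")
```

Run it on a real file with `link_farm_score(open(path, "rb").read())`. The regex scan deliberately avoids a PDF library so it also sees link actions in objects the cross-reference table never points at (orphaned or incremental-update objects); the trade-off is that it does not follow object streams' /First offsets and treats any inflatable stream as text, which is fine for triage but not for proving that a link is actually reachable from the page tree.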

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename: stream_004_off000055fa.bin
SHA-256: d192c31c2d1cf9dec08823446d7934317bb15739311919463c314f779876317d
Kind: decompressed-pdf-stream
Source: PDF FlateDecoded stream at offset 0x55FA
Size: 26276 bytes

Filename: font_01_sfnt_off000092bf.bin
SHA-256: a00dacef47d6a632f789a510ee57b4ac84e42aa74654f238db0050f10f9c1be7
Kind: pdf-font-stream
Source: PDF embedded font (sfnt) at offset 0x92BF
Size: 19656 bytes