Malicious PDF — malware analysis report

Heuristics 4

• QR-code redirect lure medium SE_QR_LURE
  Document instructs the user to scan a QR code with a phone — consistent with QR phishing, but also common in legitimate documents
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://netcdn.xyz/app/479516143/minecraft-mods-download-free-game-hack

  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/roblox-hack-2021_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-robux-codes-no-verification_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/minecraft-java-edition-free_GM479516143.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-robux-no-survey_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-minecraft-skins_GM479516143.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-robux-games_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/how-to-hack-someones-account-on-roblox_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/minecraft-skins-free-girl_GM479516143.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-robux-hack-generator_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/minecraft-story-mode-free_GM479516143.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/how-to-get-free-tiktok-fans_GM835599320.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/how-to-get-free-robux-2021-no-human-verification_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/games-that-give-you-free-robux_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/how-to-hack-into-someones-roblox-account_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-minecraft-accounts-reddit_GM479516143.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/rblx-gg-free-robux_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/free-roblox-accounts-with-robux-2021_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/roblox-studio-free-robux_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/roblox-free-robux-generator_GM431946152.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/tiktok-follower-bot-free_GM835599320.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/how-to-get-minecraft-for-free-on-pc_GM479516143.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/coin-master-free-spins-and-coins-daily_GM406889139.pdf
  • https://caotangmen.org/wp-content/uploads/sites/17/fsqm-files/roblox-fun-com-free-robux_GM431946152.pdf
  • https://sigmaclient.info#2
  • https://flux.today#3
  • https://www.yout
  • http://en.wikipedia.org/wiki/MIT_License

Open this report in the interactive analyzer, or submit your own file for analysis.