Malicious PDF — malware analysis report

Static analysis result for SHA-256 eb3e4675abf143a2…

Verdict: MALICIOUS
File type: PDF

Size: 123.3 KB
Created: 2022-07-05 07:31:16 +00:00
Authoring application: janneter (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: d6c11fd456b69b47f185add555e163f0
SHA-1: 9aaca38344f05d9ec3109d05f0918a7f2c794742
SHA-256: eb3e4675abf143a2b9464b727ca65e7a51957e71933d0a1e016649ed3d6ac1d0
Risk score: 66

Malware Insights

MITRE ATT&CK
  • T1566.002 Phishing: Spearphishing Link
  • T1059.001 Command and Scripting Interpreter: PowerShell
  • T1204.002 User Execution: Malicious File

The PDF contains a large number of external links, many of them pointing to other PDF files, which suggests a link farm built to funnel users toward malicious content. The PDF_SEO_LINK_FARM heuristic flags this mass of external PDF links, and one URL, 'http://dormister.com/benecke/...', appears to be the primary distribution point. Remote GoTo actions in the file further support the intent to redirect users to external resources.

Machine Learning

  • Nyx PDF Classifier clean score 0.0153

Heuristics (4)

  • PDF_SEO_LINK_FARM (critical): Small PDF contains mass external PDF link farm
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF_GOTO_REMOTE (info): Remote GoTo action
    PDF has GoToR/GoToE actions that reference sibling document files, typical of multi-part document bundles.
  • PDF_URI (info): External URI
    PDF contains an external URL action.
  • EMBEDDED_URL (info): Embedded URL
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • http://dormister.com/benecke/ZG93bmxvYWR8M1JFT1dRMmRIeDhNVFkxTmprNE1UVXdOSHg4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk/choosing/clonic/?wright.UGhvdG9zaG9wIENDIDIwMTUUGh&epstein=fairbanks
    • https://www.gift4kids.org/wp-content/uploads/2022/07/sanwas.pdf
    • https://calm-beach-06248.herokuapp.com/yedfar.pdf
    • https://sheltered-falls-08025.herokuapp.com/creavir.pdf
    • http://wikicando.com/wp-content/uploads/Photoshop_CS6_universal_keygen___Download_PCWindows.pdf
    • https://calm-bastion-36228.herokuapp.com/Photoshop_2022_Version_231.pdf
    • https://shrouded-tor-10430.herokuapp.com/alfthor.pdf
    • https://mighty-hamlet-30013.herokuapp.com/Photoshop_2021_Version_222.pdf
    • https://secure-savannah-29256.herokuapp.com/Adobe_Photoshop_CC_2019_version_20.pdf
    • https://mighty-waters-80382.herokuapp.com/jarhal.pdf
    • https://lordwillprovide.com/wp-content/uploads/2022/07/Adobe_Photoshop_CC_2015_Version_16_Activation_Code_With_Keygen_Free_For_PC_Latest.pdf
    • https://travelsarkar.com/wp-content/uploads/2022/07/chejai.pdf
    • https://brandyallen.com/wp-content/uploads/2022/07/Photoshop_2021_version_22_keygenexe__With_Serial_Key_Free_MacWin_Updated_2022.pdf
    • https://conexionfit.net/wp-content/uploads/2022/07/henrbalf.pdf
    • https://peaceful-cove-03059.herokuapp.com/caszave.pdf
    • https://undergroundstudio.it/wp-content/uploads/2022/07/kalhar.pdf
    • https://seo-focus.com/wp-content/uploads/2022/07/Photoshop_2020.pdf
    • https://4healthynature.com/wp-content/uploads/2022/07/randjael.pdf
    • https://www.zmiksowane.com/wp-content/uploads/2022/07/manttong.pdf
    • https://secretcs2020.com/wp-content/uploads/2022/07/amadgran.pdf
    • https://cuteteddybearpuppies.com/wp-content/uploads/2022/07/dorwes.pdf
    • https://sleepy-ridge-49166.herokuapp.com/Adobe_Photoshop_CC.pdf
    • http://eastleeds.online/wp-content/uploads/2022/07/baldkae.pdf
    • https://stormy-escarpment-53460.herokuapp.com/jamvoj.pdf
    • https://jovenesvip.com/wp-content/uploads/2022/07/counyane.pdf
    • https://shipping200.com/wp-content/uploads/2022/07/Photoshop_2022_Version_2302.pdf
    • http://www.gea-pn.it/wp-content/uploads/2022/07/Photoshop_2022_Version_230.pdf
    • http://wikicando.com/wp-
    • https://lordwillprovide.com/wp-content/uploads/2022/07/Adobe_Photoshop_CC_2015_Version_16_Activ
    • https://brandyallen.com/wp-content/uploads/2022/07/Photoshop_2021_version_22_keygenexe__With_
    • https://wakelet.com/wake/PA6SFqzOhUx_skSy5CxUs
    • https://wakelet.com/wake/Q3wU9b2-2XOzzpvWG6UJj
    • https://wakelet.com/wake/RXQ21O4Khx26Rei8XST5h
    • http://www.tcpdf.org
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://www.aiim.org/pdfa/ns/extension/
    • http://www.aiim.org/pdfa/ns/schema#
    • http://www.aiim.org/pdfa/ns/property#
    • http://www.aiim.org/pdfa/ns/id/
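As an added example (not code from the original report or from the scanner that produced it), the following Python script reproduces the logic behind the PDF_SEO_LINK_FARM, PDF_GOTO_REMOTE and PDF_URI heuristics over a PDF's raw bytes: it pulls /URI targets and GoToR/GoToE file specs out of each object, then flags the link-farm pattern when a small file carries many clickable external .pdf links clustered on one domain. The thresholds, the `.example` host names and the two constructed sample PDFs are assumptions for illustration, not values taken from the report.

```python
"""Added triage example, not code from the original report or any vendor tool: scan a
PDF's raw bytes for URI / GoToR / GoToE actions and score the link-farm pattern behind
the PDF_SEO_LINK_FARM, PDF_GOTO_REMOTE and PDF_URI heuristics. Thresholds, host names
and the sample documents below are assumptions chosen for illustration."""
import re
from collections import Counter
from urllib.parse import urlparse

# "N G obj ... endobj" bodies. Objects packed inside /ObjStm streams are invisible to a
# raw scan; inflate them with a PDF library first if the file uses object streams.
_OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.S)
_LIT = rb"\(((?:\\.|[^\\)])*)\)"                       # literal string; hex <..> not handled
_URI_TARGET_RE = re.compile(rb"/URI\s*" + _LIT, re.S)  # /URI (target) of a URI action
_REMOTE_ACTION_RE = re.compile(rb"/S\s*/(GoToR|GoToE)\b")
_FILE_RE = re.compile(rb"/F\s*" + _LIT, re.S)          # /F (file spec) of a remote GoTo
_ESC = {b"n": b"\n", b"r": b"\r", b"t": b"\t", b"b": b"\b", b"f": b"\f",
        b"(": b"(", b")": b")", b"\\": b"\\"}


def decode_literal(raw: bytes) -> str:
    """Decode a PDF literal string body: backslash escapes and \\ddd octal codes."""
    def repl(m):
        esc = m.group(1)
        if esc in _ESC:
            return _ESC[esc]
        if esc[0:1] in b"01234567":             # one to three octal digits
            return bytes([int(esc, 8) & 0xFF])
        return esc                              # unknown escape: keep the character
    return re.sub(rb"\\([0-7]{1,3}|.)", repl, raw, flags=re.S).decode("latin-1")


def extract_actions(data: bytes) -> list:
    """Return [{'obj', 'kind', 'target'}] for every URI, GoToR or GoToE action found."""
    actions = []
    for m in _OBJ_RE.finditer(data):
        num, body = int(m.group(1)), m.group(3)
        for s in _URI_TARGET_RE.finditer(body):
            actions.append({"obj": num, "kind": "URI", "target": decode_literal(s.group(1))})
        for s in _REMOTE_ACTION_RE.finditer(body):
            fm = _FILE_RE.search(body, s.end()) or _FILE_RE.search(body)  # /F usually follows /S
            if fm:
                actions.append({"obj": num, "kind": s.group(1).decode("ascii"),
                                "target": decode_literal(fm.group(1))})
    return actions


def _domain(host: str) -> str:
    """Crude registrable-domain approximation (last two labels) standing in for a PSL lookup."""
    return ".".join(host.lower().split(".")[-2:])


def assess_link_farm(data: bytes, *, max_size=512 * 1024, min_pdf_links=10,
                     min_pdf_share=0.5, min_cluster_share=0.3) -> dict:
    """Apply the three heuristics; the numeric thresholds are illustrative assumptions."""
    actions = extract_actions(data)
    external = [a["target"] for a in actions
                if a["kind"] == "URI" and urlparse(a["target"]).scheme in ("http", "https")]
    pdf_links = [u for u in external if urlparse(u).path.lower().endswith(".pdf")]
    remote = [a["target"] for a in actions if a["kind"] in ("GoToR", "GoToE")]
    domains = Counter(_domain(urlparse(u).hostname or "") for u in external)
    top_domain, top_count = domains.most_common(1)[0] if domains else ("", 0)
    findings = []
    # Link farm: small file, many clickable external .pdf links, clustered on one domain.
    if (external and len(data) <= max_size and len(pdf_links) >= min_pdf_links
            and len(pdf_links) / len(external) >= min_pdf_share
            and top_count / len(external) >= min_cluster_share):
        findings.append("PDF_SEO_LINK_FARM")
    if remote:
        findings.append("PDF_GOTO_REMOTE")
    if external:
        findings.append("PDF_URI")
    return {"size": len(data), "external_links": len(external), "pdf_links": len(pdf_links),
            "top_domain": top_domain, "remote_gotos": remote, "findings": findings}


def build_sample_pdf(urls, remote_files) -> bytes:
    """Constructed minimal PDF (test input, not a real sample): one /Link annotation per URL
    and one GoToR per remote file. No xref is written; inputs must not contain parentheses."""
    acts = [f"/S /URI /URI ({u})" for u in urls]
    acts += [f"/S /GoToR /F ({f}) /D [0 /Fit]" for f in remote_files]
    objs = "".join(f"{i + 4} 0 obj\n<< /Type /Annot /Subtype /Link /Rect [0 0 200 20] "
                   f"/A << {a} >> >>\nendobj\n" for i, a in enumerate(acts))
    refs = " ".join(f"{i + 4} 0 R" for i in range(len(acts)))
    return ("%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
            "2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n"
            f"3 0 obj\n<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] /Annots [{refs}] >>\nendobj\n"
            f"{objs}trailer\n<< /Root 1 0 R >>\n%%EOF\n").encode("latin-1")


# Constructed inputs (fictional hosts): six PaaS-style subdomains, four wp-content uploads,
# one non-PDF link, plus two GoToR actions pointing at sibling files.
FARM_URLS = [f"https://app-{i}.paas-example.net/{w}.pdf" for i, w in
             enumerate(["alfa", "bravo", "charlie", "delta", "echo", "foxtrot"])]
FARM_URLS += [f"https://{h}/wp-content/uploads/2022/07/{w}.pdf" for h, w in
              [("blog-one.example", "keygen"), ("shop-two.example", "crack"),
               ("club-three.example", "serial"), ("news-four.example", "activation")]]
FARM_URLS += ["https://share.example/wake/abc123"]
SAMPLE_FARM = build_sample_pdf(FARM_URLS, ["part2.pdf", "part3.pdf"])
SAMPLE_CLEAN = build_sample_pdf(["https://www.w3.org/TR/", "https://example.org/paper.html"], [])
```

Against the constructed farm document `assess_link_farm(SAMPLE_FARM)["findings"]` returns all three heuristic names, while the two-link control returns only PDF_URI. Objects stored inside /ObjStm streams and hex-encoded strings are not handled, so pair this with a full PDF parser (or decompress object streams first) before trusting a negative result.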