Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Dropper.Agent-9090924-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Dropper.Agent-9090924-0
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://uncpbisdegree.com/download3.php?q=the-last-templar-knights-templar-mysteries-book-1.pdf

  • http://uncpbisdegree.com/download4.php?q=the-last-templar-knights-templar-mysteries-book-1.pdf
  • http://templarhistory.com/
  • http://knightstemplarvault.com/knights-templars-prayer/
  • http://www.knightstemplarorder.org/templars-freemasons/
  • http://www.forbiddensymbols.com/knights-templar/
  • http://www.knightstemplarorder.org/secret-societies/
  • http://www.cuttingedge.org/news/n1165.cfm
  • http://www.knightstemplar.org/KnightTemplar/articles/quest.htm
  • http://www.secretsofmasons.com/
  • http://www.biblebelievers.org.au/masonic.htm
  • http://www.jasoncolavito.com/blog/british-investigator-claims-victorian-lapel-pin-is-secret-templar-treasure-map
  • http://www.jasoncolavito.com/blog/america-unearthed-deleted-scene-nova-scotia-flag-is-templar-holy-bloodline-treasure-map
  • http://librarybooklists.org/fiction/adult/mystery.htm
  • http://www.maat.sofiatopia.org/ten_keys.htm
  • http://uncpbisdegree.com/1/someone-i-love-is-gay-how-family-friends-can-respond.pdf
  • http://riverside-resort.net/1/valley-publishing-company-instructor-manual.pdf
  • http://riverside-resort.net/1/vl-2000-yaesu.pdf
  • http://uncpbisdegree.com/1/statistics-the-behavioral-social-sciences.pdf
  • http://uncpbisdegree.com/1/the-grey-elk.pdf
  • http://uncpbisdegree.com/1/solution-manual-for-gilat-introduction-to-matlab.pdf
  • http://uncpbisdegree.com/1/simplex-4100u-programming-manual.pdf
  • http://riverside-resort.net/1/worksheet-for-basic-stoichiometry.pdf
  • http://uncpbisdegree.com/1/teddy-roosevelt-republican-or-democrat.pdf
  • http://uncpbisdegree.com/1/sss1-civiceducation-2018.pdf
  • http://www.jasoncolavito.com/blog/america-unearthed-deleted-scene-nova-scotia
  • https://en.wikipedia.org/wiki/Knights_Templar
  • https://en.wikipedia.org/wiki/Knights_Templar_legends
  • http://www.bibliotecapleyades.net/sociopolitica/sociopol_masonsknightstemplar05.htm
  • http://www.ancient-origins.net/myths-legends/greed-and-decline-treasure-knights-templar-and-their-downfall-004668
  • http://www.ancient-origins.net/history-famous-people/guilt-gnostic-knights-templar-chinon-parchment-005434
  • http://whale.to/b/eye_s.html
  • http://store.steampowered.com/search/?filter=weeklongdeals/
  • http://www.bibliotecapleyades.net/cienciareal/babylon02.htm
  • http://go.microsoft.com/fwlink/?LinkId=521839&CLCID=0409
  • http://go.microsoft.com/fwlink/?LinkID=246338&CLCID=0409
  • https://go.microsoft.com/fwlink/?linkid=868922
  • http://go.microsoft.com/fwlink/?LinkID=286759&CLCID=409
  • http://go.microsoft.com/fwlink/?LinkID=617297

Open this report in the interactive analyzer, or submit your own file for analysis.