Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://baarspo.ru/strik?utm_term=the+wicket+gate+kingdom+come+wiki PDF link annotation

  • http://lnstagram-help-businesss.com/ranekijubumanofixuteruruw9z8s.pdfIn PDF document text
  • http://befelofote.iblogger.org/75577737343.pdfIn PDF document text
  • http://wide-take.top/496465833773embb.pdfIn PDF document text
  • http://baliferifopiz.mypressonline.com/prehistory_dk_bhattacharya.pdfIn PDF document text
  • http://cmbclientes.com/english_grammar_tenses_rules_in_urduh4q3z.pdfIn PDF document text
  • http://itdiscount.pro/introduction_to_node.js_pptchkko.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • http://fedorahosted.org/lohitIn PDF document text
  • https://s3.amazonaws.com/pavujiniz/information_architecture_template_document.pdfIn PDF document text
  • https://s3.amazonaws.com/tarizirefevifab/merrill_lynch_mortgage_investors_trust_series_2006-sl2.pdfIn PDF document text
  • https://s3.amazonaws.com/rijaliwiguvex/74168510790.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/a0a95172-c7fe-4d06-af4d-96d48e356805/how_to_write_a_dateline_in_ap_style.pdfIn PDF document text
  • https://931f52e6-cb68-4a93-8e02-54808d33f8b6.filesusr.com/ugd/6290de_a972a8d3cab349d985b60f9883c9c7af.pdf?index=trueIn PDF document text
  • https://uploads.strikinglycdn.com/files/9f4caa3a-3394-45aa-845c-2323797932a6/30565953712.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/f63ff6f0-370d-4f5b-8510-2a61fd0794c9/kuwozuvozido.pdfIn PDF document text
  • http://kopolug.myartsonline.com/55995085992.pdfIn PDF document text
  • http://zezogif.rf.gd/sweatcoin_apk_mod.pdfIn PDF document text
  • https://s3.amazonaws.com/mexesazaxasa/what_causes_discolored_front_teeth.pdfIn PDF document text
  • https://b9387e75-0942-48a6-8a47-0bd3f0224277.filesusr.com/ugd/fc485c_ce03a8e5919549ffbe8e864984ca8038.pdf?index=trueIn PDF document text
  • https://s3.amazonaws.com/panalipolifod/bezijakudugal.pdfIn PDF document text
  • http://getapumofibejop.epizy.com/christmas_song_back_number_instrumental.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/40d29ab4-3f2d-432d-9b61-49a203a0f3ed/nustep_trs_4000_specs.pdfIn PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.