Malicious PDF — malware analysis report

Heuristics 4

• PDF links to known malicious redirector infrastructure critical PDF_MALICIOUS_REDIRECTOR_LINK
  PDF contains a clickable URI to redirector infrastructure used by a known malicious PDF SEO/adware delivery campaign. These documents typically rely on user interaction and redirect chains rather than a PDF parser vulnerability.
• Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
  Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
• PDF differential parser failed info PDF_DIFFERENTIAL_PARSE_FAILED
  The cross-check parser (pdfminer.six) failed on this file: PDF differential parser failed: PDFSyntaxError. Static heuristics still ran and any of their findings above are valid; only the differential cross-check signal is missing.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://ggtraff.ru/aws?keyword=free+ebooks+pdf+learning+russian+download In PDF document text

  • https://cdn-cms.f-static.net/uploads/4379369/normal_5f905b95f35fb.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4368964/normal_5f8951c1f3393.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4369511/normal_5f8b76c9bb1d4.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4365601/normal_5f8712369f939.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4368249/normal_5f88a1da8e0e2.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • https://s3.amazonaws.com/zetare/gorukunegufavenexidumed.pdfIn PDF document text
  • https://s3.amazonaws.com/takateg/atmega328p_datasheet.pdfIn PDF document text
  • https://s3.amazonaws.com/tadovu/html_tags.pdfIn PDF document text
  • https://s3.amazonaws.com/zuxadol/sejunupewogulu.pdfIn PDF document text
  • https://s3.amazonaws.com/zetare/bobeziguxi.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/08033485-bcc9-443e-9a5e-c9da923310db/86780172117.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/3f89b04a-fbc1-499f-bc06-2dfb12b5c793/15601313414.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/79f2c845-8dcc-4068-843f-d89bf094b02b/6793889666.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/e9b8d5be-faff-4eea-b7a8-90aef8cd3baa/6591704169.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0431/1698/6534/files/fingerprint_analysis_worksheet.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0493/7534/6847/files/zebifitovatevamazag.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0499/8397/9680/files/dovipuwabosolipoloxalunu.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0436/2413/6864/files/alaskan_truck_simulator_download_android.pdfIn PDF document text
  • https://cdn.shopify.com/s/files/1/0470/9675/8430/files/west_hartford_public_school_vacation_calendar.pdfIn PDF document text
  • https://s3.amazonaws.com/fasanag/44314381907.pdfIn PDF document text
  • https://s3.amazonaws.com/kavitokolezub/calories_in_food_chart.pdfIn PDF document text
  • https://s3.amazonaws.com/susopuzupure/tajupitujo.pdfIn PDF document text
  • https://s3.amazonaws.com/tadovu/bridging_the_gap_college_reading_13th_edition_free.pdfIn PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.