Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://soxebez.ru/award?keyword=bsc+1st+year+maths+syllabus+pdf+download PDF link annotation

  • https://static.s123-cdn-static.com/uploads/4466664/normal_5fe5032a4d44a.pdfIn PDF document text
  • https://static.s123-cdn-static.com/uploads/4427504/normal_600897f7765bd.pdfIn PDF document text
  • https://static.s123-cdn-static.com/uploads/4445877/normal_5fe05d95d5976.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4453335/normal_6012784a80bd1.pdfIn PDF document text
  • http://arthromedshop.xyz/kegofasupexox4xg.pdfIn PDF document text
  • https://static.s123-cdn-static.com/uploads/4454819/normal_5fe09cb163e34.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4379045/normal_5fd329c9b4fd7.pdfIn PDF document text
  • https://cdn.sqhk.co/virurewev/Q5tjiv4/90209772260.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4377936/normal_60406b8dc9d0c.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4473638/normal_603154b75cb22.pdfIn PDF document text
  • http://makeyourself.xyz/real_piano_teacher_app_reviewo4vq4.pdfIn PDF document text
  • https://cdn.sqhk.co/pufuxogife/jdman1T/88407839318.pdfIn PDF document text
  • https://cdn.sqhk.co/pemoxeriko/jagIhao/my_talking_tom_funny_videos.pdfIn PDF document text
  • https://cdn.sqhk.co/juxefirapuf/eNjdtje/zanav.pdfIn PDF document text
  • https://cdn.sqhk.co/disidudi/jfGjhic/kefurodilijirafefegifuso.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4393181/normal_605453c6acebf.pdfIn PDF document text
  • https://static.s123-cdn-static.com/uploads/4489969/normal_5fcacab0a6f44.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4494891/normal_604802b7c935a.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • http://fedorahosted.org/lohitIn PDF document text
  • https://uploads.strikinglycdn.com/files/e2666be9-28e3-4afb-96b1-c16e610faf3e/verubakojoruxupopodefono.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/46cb54ba-7b3a-47c6-93f2-ef224c2bd00a/krashen_theory_of_second_language_acquisition_slideshare.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/f88849ba-f880-4394-8f65-518923b39a71/software_developer_jobs_in_canada_salary.pdfIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://ns.adobe.com/xap/1.0/rights/In PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.