Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://maypoin.ru/award?keyword=alagappa+university+dde+exam+time+table+december+2020+pdf

  • http://kudukulid.22web.org/latest_bollywood_movies_free_khatrimaza.pdf
  • http://visiblawty.com/zujatawobagibilezutumapob1gm.pdf
  • http://tizadejaso.getenjoyment.net/zoxovexe.pdf
  • http://noxaduva.mypressonline.com/trimble_access_general_survey_user_guide.pdf
  • http://lofeboxirav.iblogger.org/tai_chi_24_form_back_view.pdf
  • http://cmb-accueil.com/palowelozepixubobod0cbbx.pdf
  • http://jekenufakewe.mypressonline.com/kaz_humidifier_v745a_manual.pdf
  • http://jikusofare.mywebcommunity.org/creative_chordal_harmony_for_guitar_free.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://uploads.strikinglycdn.com/files/5e6fcab6-b8a5-454c-aead-1dff950c22bd/95806021016.pdf
  • https://s3.amazonaws.com/dukavunivifa/choreiform_movements_pronunciation.pdf
  • https://76c9fb28-c10e-4950-85be-37de24a2ede8.filesusr.com/ugd/fa32a6_74e375149590404db879df373ab00c2a.pdf?index=true
  • https://s3.amazonaws.com/vofadoloves/gelisugiwovepusopasanug.pdf
  • https://uploads.strikinglycdn.com/files/df5ddbfb-6db7-4fef-913c-1989398ea694/warm_bodies_trailer_reaction.pdf
  • https://b20aee1f-b1b7-4e4e-be5e-d884e4ece670.filesusr.com/ugd/10e3af_b757895f056e456b85acb7d6f2b97749.pdf?index=true
  • https://a5a7f18c-b887-48a0-80cc-3627c14345d5.filesusr.com/ugd/609f59_a555b4aa0e564a6bb6b2c2b990830b37.pdf?index=true
  • https://858e1da1-ad31-4e5b-aec0-89c59c6c71f6.filesusr.com/ugd/6240f8_7801024247eb4ec3a9849484d2763674.pdf?index=true
  • http://toxanezijar.rf.gd/tagevonularogosozumeno.pdf
  • https://s3.amazonaws.com/watajive/bahubali_2_songs_free_doregama.pdf
  • https://uploads.strikinglycdn.com/files/a2464e4b-d209-4fac-9458-5f8ce36643af/28834366485.pdf
  • http://rinalixuli.rf.gd/basic_electronics_interview_questions_and_answers_for_freshers_in_hindi.pdf
  • https://76df98a8-3e94-4eee-a6f5-23e1de06049b.filesusr.com/ugd/54c74c_165616f4d7204961a4db163bc8b6868e.pdf?index=true
  • https://s3.amazonaws.com/timeziso/receipt_template_uk_word_free.pdf
  • http://kitukogoxav.epizy.com/a_project_report_on_financial_performance_analysis.pdf
  • https://uploads.strikinglycdn.com/files/429a04e2-ea2d-4fc8-91f6-ebb7c7eb6c3a/37012694000.pdf
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.