Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://zajinet.ru/award?keyword=boundary+scan+description+language+pdf

  • http://vefavirona.22web.org/playing_cards_games_pc.pdf
  • https://joletumutete.weebly.com/uploads/1/3/4/8/134871701/1fdaae69b7a49c.pdf
  • http://roflan.site/74560535882we4t3.pdf
  • http://yachts-4-sale.com/donelaganodijyu1a.pdf
  • http://thedefenseforge.com/nodililibosrejxf.pdf
  • https://taxajoberaruvu.weebly.com/uploads/1/3/4/3/134320235/ledudaralirujul-pisomirufi.pdf
  • http://trudogoliya.online/calculating_average_atomic_mass_practice_worksheetqg593.pdf
  • http://fovorowo.22web.org/accounting_equation_and_balance_sheet.pdf
  • http://idealicacolumbia.site/kogilividejasowadamysxb7.pdf
  • http://hytri.com/rolimovovevugemofibzc6w.pdf
  • http://subonus.ru/notice_of_disciplinary_action_template_south_africadtzqo.pdf
  • http://xsafak.com/como_orar_al_espiritu_santo_cristianosgo1ku.pdf
  • https://roriwemako.weebly.com/uploads/1/3/4/5/134599113/6632246.pdf
  • http://itdiscounts.info/94270182802p2lu3.pdf
  • http://foxareb.22web.org/batch_file_examples.pdf
  • http://bionatur.space/porter_cable_c2002_manualvfvfu.pdf
  • https://divamokavagi.weebly.com/uploads/1/3/4/8/134871471/4023976.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://uploads.strikinglycdn.com/files/7685ea06-1c0b-4a89-bd69-c0c4bfafe5a7/the_spectacular_now_movie_cast.pdf
  • https://uploads.strikinglycdn.com/files/6d0cf818-7a08-4fea-9788-0c65f4a6bcff/assuntos_de_historia_que_cai_no_enem.pdf
  • https://6afed14e-2b01-442b-8c2e-11a8a6f39965.filesusr.com/ugd/46a5ae_52d17b309a784e7eb4d69fe7c3ba81f8.pdf?index=true
  • https://uploads.strikinglycdn.com/files/763cfa76-347a-4e01-9a97-931e5af78727/52864079482.pdf
  • http://zukagebogewivur.epizy.com/nord_vpn_apkpure.pdf
  • https://d85b1738-a471-4043-b59e-116b2bb794a3.filesusr.com/ugd/97927e_a5d9c8fd816a437a837840ef02dfbf92.pdf?index=true
  • https://uploads.strikinglycdn.com/files/5b118e83-703f-46e6-8cd9-ccd6a23ce71a/lobovibonobaxotisurur.pdf
  • https://314a97e4-cc7b-499c-a999-42b15fb65c39.filesusr.com/ugd/fa4a73_246d73002d85416589e5b95a2b0be6db.pdf?index=true
  • http://vofolosozoz.epizy.com/sandisk_sport_clip_plus_bluetooth_pairing.pdf
  • https://933afb0c-60ca-4ff4-ba38-e7c804ca925d.filesusr.com/ugd/941881_81d5b13ffe6248f9b6a7c0df5636f5c9.pdf?index=true
  • https://7f03322d-63d6-449b-a8c2-a80beffeb2b6.filesusr.com/ugd/2994dd_fe62c21a6a3f4e02a9b623042fa4b62f.pdf?index=true
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.