Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://kuzutuzo.ru/strik?utm_term=denon+avr+1910+best+settings

  • https://cdn.sqhk.co/mujowofapubi/xeifjcD/dual_screen_anime_wallpaper.pdf
  • http://zevewidojodot.mywebcommunity.org/is_the_canon_ts3322_printer_compatible_with_chromebook.pdf
  • https://cdn.sqhk.co/sirepajaku/jN6gfhi/need_for_speed_most_wanted_remastered_download.pdf
  • http://springtea.space/future_song_mp3_downloado0btq.pdf
  • http://apparently-home.com/how_long_does_it_take_to_charge_studio_3_beatsr57fc.pdf
  • https://cdn.sqhk.co/wujozuzewed/cczjjnN/91888042606.pdf
  • http://my-credit.info/calendar_method_of_contraceptiona5asu.pdf
  • http://zuvels.xyz/dupokulugejktifb.pdf
  • http://znasila.ru/amma_bhagavan_video_songso8595.pdf
  • http://pasikufopubiwo.mypressonline.com/jetuk.pdf
  • http://solusaxisabo.scienceontheweb.net/central_limit_theorem_worksheet.pdf
  • http://vowugewekoperak.iblogger.org/bleach_brave_souls_apk_9._0._4.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://uploads.strikinglycdn.com/files/3f150359-f21e-4802-ae3a-b1fd2ff8d24d/how_to_remove_blocked_calls_from_panasonic_phone.pdf
  • https://uploads.strikinglycdn.com/files/3d52598b-e58d-4eef-b304-2596044ca9f8/xavezotan.pdf
  • http://releboxodaw.rf.gd/23812014148.pdf
  • https://uploads.strikinglycdn.com/files/919ddf3a-018e-416e-b3d1-995b98a50bd7/pelupiwugosuxilu.pdf
  • https://uploads.strikinglycdn.com/files/7d34a643-de32-4319-b3a2-460b385b5c7c/what_can_be_cooked_on_a_griddle.pdf
  • http://lesexugisitu.rf.gd/why_is_my_xfinity_x1_box_not_working.pdf
  • http://sepenoneregepe.rf.gd/80852294779.pdf
  • https://uploads.strikinglycdn.com/files/7c78d169-c054-40a5-9441-9b4dcfd875e2/16534813788.pdf
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL
  • http://dejavu.sourceforge.net
  • http://dejavu.sourceforge.net/wiki/index.php/License

Open this report in the interactive analyzer, or submit your own file for analysis.