Malicious PDF — malware analysis report

Static analysis result for SHA-256 207a6188af35f38a…

Verdict: MALICIOUS

File type: PDF

Size: 80.5 KB
Created: 2021-04-21 08:20:50 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: 9f52d93ed0dbf4d63cc8375c9952fb39
SHA-1: 5846d6ec8cdfc76100a47a9846a9bcf8c7442066
SHA-256: 207a6188af35f38aacb2f2f107fe6828c5e1956e9dcf3e0cf476a6f68d53a73b
Risk Score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF file contains heuristics indicating external URI usage and is flagged by a machine learning classifier and ClamAV as malicious. The document body, though heavily obfuscated, suggests a lure related to 'Fifty shades of black 2019', directing users to a suspicious URL. The presence of embedded URLs further supports the phishing attempt.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9993

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://kuzutuzo.ru/strik?utm_term=fifty+shades+of+black+2019
    • https://cdn.sqhk.co/bexutavukaro/cfhiZig/xuzasejesadafulunuvo.pdf
    • http://buyfastedcircle.xyz/cbse_class_12_physics_ncert_solutions_downloadk7l5u.pdf
    • http://naturfresh.space/99668817508x2pu0.pdf
    • https://cdn.sqhk.co/purilusevike/CgfvjdN/head_ball_2_pc_online.pdf
    • https://cdn.sqhk.co/lebapivi/ihjbhhy/dora_the_explorer_world_adventure_full_movie.pdf
    • https://cdn.sqhk.co/vuzujugasije/hfdbSjg/ten_pin_bowling_alley_turlock.pdf
    • http://casbah2point0.com/72776438179io5lv.pdf
    • http://ulekschool.online/kojigorefcvn0h.pdf
    • https://cdn.sqhk.co/xadowififux/dievyBE/wedding_doll_cake_topper.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://uploads.strikinglycdn.com/files/5b0fb09c-2255-4377-bfa3-b7d798ce203c/cuisinart_ss-10_vs_ss-10p1.pdf
    • https://uploads.strikinglycdn.com/files/9413fd0a-5411-4768-baec-be0fb3566b6e/how_do_i_calculate_compound_interest_without_formula.pdf
    • http://legigeboronomok.epizy.com/bodyboss_vk.pdf
    • https://s3.amazonaws.com/kikunojulejuj/which_of_the_following_statements_is_true_regarding_unregulated_monopolies.pdf
    • https://s3.amazonaws.com/jaloto/renamepikiw.pdf
    • https://uploads.strikinglycdn.com/files/278d3787-10b6-42eb-9e00-7b223c1b097a/24553753870.pdf
    • https://40785fcd-1e5e-4316-9306-5db1d5795eae.filesusr.com/ugd/2f07a1_743935fec7384c4a85402f1952ed610d.pdf?index=true
    • https://s3.amazonaws.com/limewub/69817476672.pdf
    • https://6196a4e6-b3b5-4a85-a139-4ec84e0a53d9.filesusr.com/ugd/d01287_8575a69589364b2fb862cd73eb380a60.pdf?index=true
    • https://6cdb29d4-22ce-4aaf-9e51-562b59d50851.filesusr.com/ugd/1b20fb_c5b931b6d1fb42c3ac2a250bfeb6f707.pdf?index=true
    • http://vaxilokenifak.epizy.com/folk_and_pop_culture_human_geography.pdf
    • https://s3.amazonaws.com/biwubeleba/gif_facebook_app.pdf
    • https://5fa60de5-32ab-41ac-ba65-77330e21e623.filesusr.com/ugd/2e16aa_8513463f684c44329abb64e4d7d88710.pdf?index=true
    • https://uploads.strikinglycdn.com/files/10f577f0-c427-41fb-bbf4-935de471a731/how_to_blend_colored_pencils_with_water.pdf
    • https://s3.amazonaws.com/warapagefasovi/troy_bilt_riding_mower_battery_size.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Columns: Filename, SHA-256, Kind, Source, Size

Filename: font_00_sfnt_off0000f7a5.bin
SHA-256: 0db54c0748dc602ec0f936ad0e4a75cd65a4fbff0ad911e060418c378179af86
Kind: pdf-font-stream
Source: PDF embedded font (sfnt) at offset 0xF7A5
Size: 5756 bytes

Filename: font_01_sfnt_off00010b4d.bin
SHA-256: 5f7059864010215b2a821776cba4390dd211564808a153b948d4e9169c6c2d3c
Kind: pdf-font-stream
Source: PDF embedded font (sfnt) at offset 0x10B4D
Size: 12100 bytes