Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://jumiwimov.ru/strik?utm_term=medical+surgical+nursing+10th+edition+elsevier

  • http://o-karte-kopilka.com/8285270084b3put.pdf
  • http://onlinetiser.website/foxconn_h61_motherboard_specspnzo5.pdf
  • http://fb-pageunderreview.com/wewuto4t3w.pdf
  • http://legumajati.22web.org/zoribejofaxofiviratab.pdf
  • http://lifegirls.site/flying_birds_sound_effects_freenr850.pdf
  • http://lolkek.xyz/xumofajifexomuloxafapulopptszd.pdf
  • http://registrat.space/lunastra_field_guidej7nwa.pdf
  • http://bitcoinlearningcentre.online/divisibility_worksheet_for_grade_4n6nuh.pdf
  • http://ukrdomonis.xyz/g-shock_rangeman_gw-9400_price2vcem.pdf
  • http://fastpeysistem.online/fundamental_theorem_of_calculus_part_1_explainededzjo.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • http://www.daltonmaag.com/
  • https://a134ef9b-a212-4d8e-a35f-da3d896bbd40.filesusr.com/ugd/dadc92_2c3518855e68420394ba5731a638bef9.pdf?index=true
  • https://uploads.strikinglycdn.com/files/3e9d0fcf-32a1-401b-8b83-4eee648e5a39/new_england_patriots_news_and_rumors_2019.pdf
  • https://uploads.strikinglycdn.com/files/d4d57691-faa7-4b4a-b758-0cb66c255b5b/87444728782.pdf
  • https://s3.amazonaws.com/vukujidor/death_note_anime_characters_database.pdf
  • http://kefujamulewim.epizy.com/income_tax_slabs_for_ay_2020_20.pdf
  • https://uploads.strikinglycdn.com/files/d0683796-e523-481b-a787-9eaf84f3917e/how_to_connect_bluetooth_on_jvc_kd-r320.pdf
  • https://a68e2ff5-bf17-48e3-82d4-ceb975b85758.filesusr.com/ugd/760101_fd1258f80dbc4d2fa810b302defb0374.pdf?index=true
  • http://gisinazujawapub.epizy.com/xoredokadawadox.pdf
  • https://s3.amazonaws.com/nakuzafol/18558510606.pdf
  • https://394fded3-a37f-45fe-8092-07e0884d2d31.filesusr.com/ugd/bdbc91_0170ed0a34a345cd86db7a9b3bff5dc1.pdf?index=true
  • https://5ccda086-29c7-4024-8a93-689df1f3b89c.filesusr.com/ugd/ed8107_f73f044b25be4749aad65a556a509bc8.pdf?index=true
  • https://s3.amazonaws.com/zuguvoxoki/watch_the_magicians_season_5_episode_1_full_episode.pdf
  • https://uploads.strikinglycdn.com/files/05294ba9-52b4-4562-afa6-3acf64eb0d5c/lupujo.pdf
  • https://uploads.strikinglycdn.com/files/4e9286f4-1e5f-4d4a-ba58-d45313a6bab9/big_green_egg_cook_chicken.pdf
  • https://36fc1fe3-b646-4cc1-b6e9-de51469aea27.filesusr.com/ugd/3eb4bd_f97e52d04198474ea24e5f92f287cfe0.pdf?index=true
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.