Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://botokaw.ru/wix?keyword=kaze+emanuar+hacks

  • https://cdn.sqhk.co/datimemovuko/SbkL1gd/18675384003.pdf
  • http://raisinsapp.pro/how_to_fix_a_leaky_delta_shower_handleeawj7.pdf
  • https://cdn.sqhk.co/sigidezok/xgdjbii/learn_python_for_free_with_certificate.pdf
  • http://good-production20.site/tp_link_router_archer_c59_manual5ms4p.pdf
  • http://instapodarok365.site/how_much_sugar_is_in_dunkin_donuts_pumpkin_swirlh4el5.pdf
  • https://cdn.sqhk.co/pesuxitum/iEggjjL/cymatics_hearts_2_free_download.pdf
  • https://cdn.sqhk.co/somepizeko/a1jjAij/gawixo.pdf
  • https://cdn.sqhk.co/xubafofin/jjj4Dgj/77547931546.pdf
  • https://cdn.sqhk.co/tufuboloruj/jiggfRx/10160051390.pdf
  • https://cdn.sqhk.co/pixorikibam/4ghjcYF/5897116497.pdf
  • https://cdn.sqhk.co/vapitinab/rgThehb/nobogutenavadaturukux.pdf
  • http://formulamoney.top/88420227378wr83a.pdf
  • https://cdn.sqhk.co/visobipibe/1dhcqhc/netflix_movies_apk_download.pdf
  • https://cdn.sqhk.co/zavilisuga/jd9A7e6/popular_star_wars_apps.pdf
  • https://cdn.sqhk.co/jibenapola/hbgjGiT/flying_car_robot_3d_game.pdf
  • https://cdn.sqhk.co/benibavagoge/ajjbhfe/53322281170.pdf
  • http://italywow.space/lord_of_the_flies_movie_1990_analysissed1b.pdf
  • http://my-favshopg.online/2004_johnson_outboard_manualop1fd.pdf
  • https://cdn.sqhk.co/zinazejoras/sjffCic/gesakad.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://uploads.strikinglycdn.com/files/00524d4e-65c9-4650-8feb-750b63d29bb4/23982181491.pdf
  • https://uploads.strikinglycdn.com/files/d576a99f-d843-4e80-979b-4978bd13894f/fallout_new_vegas_nexus_mods_categories.pdf
  • https://uploads.strikinglycdn.com/files/f3596544-693d-4c44-a9f4-a9d4557a90ce/kitchenaid_superba_microwave_oven_combo_kaw38avm726.pdf
  • https://uploads.strikinglycdn.com/files/69a01ddb-7025-49b5-93ee-d30a1d6408af/modefa.pdf
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.