Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://zajinet.ru/award?keyword=causes+and+symptoms+of+prostate+cancer+pdf PDF link annotation

  • http://idealicait.website/kerofowukeu42oa.pdfIn PDF document text
  • https://static.s123-cdn-static.com/uploads/4500910/normal_5fdee5717a182.pdfIn PDF document text
  • http://xomapometafa.iblogger.org/wuwubikolovedapemetetum.pdfIn PDF document text
  • http://olx-delivery.cc/ejercicios_de_fracciones_equivalentes_para_cuarto_gradobtr07.pdfIn PDF document text
  • http://edayafar.xyz/lou_gehrig_farewell_speech_purpose6f4pz.pdfIn PDF document text
  • http://barbanapoli.moscow/49022998270bg5u5.pdfIn PDF document text
  • https://cdn-cms.f-static.net/uploads/4420604/normal_6049604ac1c14.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • https://s3.amazonaws.com/figidireki/25161618563.pdfIn PDF document text
  • http://niniwakuruvip.rf.gd/67857858134.pdfIn PDF document text
  • https://s3.amazonaws.com/novipaliwid/bujidajodal.pdfIn PDF document text
  • https://s3.amazonaws.com/rufonali/wetexosurijijerizudata.pdfIn PDF document text
  • https://77ac2d45-d533-4b4b-a85c-01e81860bff9.filesusr.com/ugd/7f1ad7_2252017a9742481fac8d2d7a8281feac.pdf?index=trueIn PDF document text
  • http://girifatu.rf.gd/37887608849.pdfIn PDF document text
  • https://d0bf7e8b-5449-41c0-93e9-161603c0719f.filesusr.com/ugd/197ed4_6b7685f894be4e6b97bd92c2a7ab8330.pdf?index=trueIn PDF document text
  • https://2a983b51-2e13-4971-8c1f-a5bca3ab4353.filesusr.com/ugd/e1a791_10ac68553216413b815ae3fb0519b40e.pdf?index=trueIn PDF document text
  • https://91953a53-6f32-4f2a-9b2e-0f954541ff31.filesusr.com/ugd/dad90e_7bed62022aae4e8e8afae5fc9314de0a.pdf?index=trueIn PDF document text
  • https://7f58a6d3-5723-489e-a2bd-17fd91e1ddd5.filesusr.com/ugd/655495_70d3eb86629240a882e4fdd78c2295e3.pdf?index=trueIn PDF document text
  • https://944bcc21-9f45-42c2-9889-8cf837fa5d1c.filesusr.com/ugd/50f869_ba9c27860d134199929b45015afbe24f.pdf?index=trueIn PDF document text
  • https://091a8774-b5bd-4fb7-8799-8d1ca0ca44ad.filesusr.com/ugd/8716ab_47b1433c50f448eca3f4a59565139895.pdf?index=trueIn PDF document text
  • http://tilixufevoj.epizy.com/benim_hocam_kpss_matematik_video_ders_notlar.pdfIn PDF document text
  • https://s3.amazonaws.com/lixuzo/vazeluku.pdfIn PDF document text
  • https://973697ad-ffa4-4f9d-85cd-0c9d1ea039ee.filesusr.com/ugd/5f5755_ab69d42ecc394bf5aaf2f2da4038613c.pdf?index=trueIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://ns.adobe.com/xap/1.0/rights/In PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.