Malicious PDF — malware analysis report

Static analysis result for SHA-256 67a951a043b06edd…

MALICIOUS

PDF

Size: 78.3 KB
Created: 2021-03-21 06:13:01 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: b4affb09168f924ae6b23f6e320a2189
SHA-1: dd9f43ed7c30357329de3b6fa5813888087eb53a
SHA-256: 67a951a043b06eddd32a2162162028a59f10dcfcc4cc3817009aa2aee500c0a7
Risk Score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF file contains a heuristic indicating an external URI, which points to a suspicious domain. The ML classifier and ClamAV detection strongly suggest malicious intent, likely phishing or malware distribution. The document body, though heavily obfuscated, contains text related to 'Mcq on periodic table pdf', serving as a lure to the embedded URL.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9964

Heuristics 4

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://resalured.ru/award?keyword=mcq+on+periodic+table+pdf
    • https://cdn-cms.f-static.net/uploads/4390329/normal_602d5bd2bee51.pdf
    • https://cdn-cms.f-static.net/uploads/4480884/normal_602541bb7d148.pdf
    • http://losopefopamusoz.sportsontheweb.net/problem_solving.pdf
    • http://muzomabavima.medianewsonline.com/jabalor.pdf
    • http://dorutote.scienceontheweb.net/causes_and_effects_of_acid_rain.pdf
    • http://dofujifeluradep.medianewsonline.com/jurnal_asuhan_keperawatan_penyakit_jantung_koroner.pdf
    • https://cdn-cms.f-static.net/uploads/4474465/normal_6011ebcfde0f2.pdf
    • http://fexevewuli.mypressonline.com/what_is_psychoanalysis_in_simple_terms.pdf
    • http://lafilubepojev.scienceontheweb.net/budgeting_and_financial_management_in_education.pdf
    • http://jefevivavifax.scienceontheweb.net/history_of_web_design.pdf
    • http://itawegan.space/32914650821s0q42.pdf
    • http://world-wildshop.com/appiah_cosmopolitanismh2ivn.pdf
    • https://cdn-cms.f-static.net/uploads/4450419/normal_6021274461cc8.pdf
    • http://xulazawelinuze.scienceontheweb.net/how_to_get_used_to_first_pair_of_glasses.pdf
    • https://static.s123-cdn-static.com/uploads/4376359/normal_5fc9af498fdcd.pdf
    • http://kuworekokinig.medianewsonline.com/cable_gland_selection_chart_for_armoured_cable.pdf
    • http://vipimuxatomefi.medianewsonline.com/98632718056.pdf
    • http://stroy-level.ru/36306634254vry8c.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • http://nopugorib.onlinewebshop.net/ayurvedic_gujarati_book.pdf
    • https://s3.amazonaws.com/zuvovoxigumuz/bartender_3_wow.pdf
    • https://s3.amazonaws.com/xoguwavosuje/pokemon_cards_online_games_free_no.pdf
    • https://s3.amazonaws.com/zuxime/piriformis_pain_in_buttocks.pdf
    • http://tebaputazaxuva.myartsonline.com/hoover_power_scrub_deluxe_carpet_washer_fh50150_replacement_parts.pdf
    • https://s3.amazonaws.com/tometubufimopim/ms_sql_server_2015_free.pdf
    • http://tuparibuju.atwebpages.com/new_year_calendar_2020.pdf
    • http://lopakesuzuw.atwebpages.com/zidukorepezodofijesot.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL

Extracted artifacts 2

Files carved from inside the sample during analysis.

Filename                       Kind             Source                                        Size
font_00_sfnt_off0000f540.bin   pdf-font-stream  PDF embedded font (sfnt) at offset 0xF540     5240 bytes
  SHA-256: 727bb7010a760c53d3ea41696c34b80e47fae7312375c1a708a24f5ed08ab357
font_01_sfnt_off00010725.bin   pdf-font-stream  PDF embedded font (sfnt) at offset 0x10725    10712 bytes
  SHA-256: 71eac3b0e602e97e81464724bcb6feea2c3de793140bcb98f25bd47c34830b3f