Malicious PDF — malware analysis report

Static analysis result for SHA-256 6af46c97e564c818…

Verdict: MALICIOUS
File type: PDF

Size: 71.1 KB
Created: 2021-06-09 17:54:12 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
First seen: 2021-11-25
MD5: d0856e4773fead73672afb1116b73bd6
SHA-1: afa32a41824427140a1a990c2f9faab711d603f0
SHA-256: 6af46c97e564c818d5fa809efad30e90eb625976fd253e29a9016757a729126b
Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript
Note: none of the four heuristics below reports a JavaScript object; the static evidence on this page supports the spearphishing-attachment mapping, while the T1059.007 mapping is not confirmed by a listed finding.

The file is a PDF document whose link annotation points to a suspicious domain (coretry.ru). The ClamAV signature and the ML classifier both indicate malicious intent, most likely phishing or malware delivery. The document text is heavily obfuscated, but the utm_term parameter of the annotation URL ("divorce settlement agreement pdf south africa") shows a legal-agreement lure, a common social-engineering theme.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9998

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. A first-wins reader and a last-wins reader will resolve different content, a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content (an action, JavaScript or similar).
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://coretry.ru/pbw?utm_term=divorce+settlement+agreement+pdf+south+africa (PDF link annotation)
    • https://static.s123-cdn-static.com/uploads/4480899/normal_60059e275ccaf.pdf (in PDF document text)
    • https://cdn-cms.f-static.net/uploads/4405185/normal_601f3739a2544.pdf (in PDF document text)
    • https://cdn-cms.f-static.net/uploads/4482012/normal_60586454aad57.pdf (in PDF document text)
    • https://cdn-cms.f-static.net/uploads/4446762/normal_603d26f173377.pdf (in PDF document text)
    • https://static.s123-cdn-static.com/uploads/4376879/normal_6003ffe54bced.pdf (in PDF document text)
    • http://www.ascendercorp.com/ (in PDF document text)
    • http://www.ascendercorp.com/typedesigners.html (in PDF document text)
    • https://uploads.strikinglycdn.com/files/38e85aae-d098-4acd-9263-0dd2e525f486/tactics_ogre_let_us_cling_together_pc.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/a17b1b98-d2c0-496d-b2c0-2390e02829f2/there_is_there_are_some_any_exercises_islcollective.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/066683af-c61d-4b52-a3ee-8316baf69675/julodelo.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/8265c758-26d9-4e0a-a721-702690c0dedf/ng_book_angular_8_download_free.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/dc37c32b-7d84-4781-bca7-331b7b28d400/what_are_aggressive_behaviors.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/b16a952a-326c-4646-b152-46638ced0474/vofaluwagap.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/fb9a75ec-24dc-4612-ac67-e07bebce5ae4/27729320344.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/3f605451-8ed1-4c46-9f24-9b015e996993/benim_konuan_tom_hile_apk_day_indir.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/249e4c3c-0cbf-4bcf-8e37-da8c1f9542b2/libro_ingles_avanzado_descargar_gratis.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/df4b9020-28d0-429e-907e-077a4fc4d6af/97640286466.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/93a96b9c-38ee-4daf-ba65-9b44d193700b/apprendre__dessiner_peter_gray_gratuit.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/0c4a1c51-629b-41dc-9aa2-da2776c8687a/zurubew.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/05f60ffc-6e0b-44a7-9ab9-5c14d0ac35c6/dork_diaries_movie_trailer_2016.pdf (in PDF document text)
    • https://uploads.strikinglycdn.com/files/9902a6ed-4fec-4d9d-a0eb-ef8145149801/rukajozurotasugoze.pdf (in PDF document text)
    • http://www.w3.org/1999/02/22-rdf-syntax-ns# (in PDF document text)
    • http://purl.org/dc/elements/1.1/ (in PDF document text)
    • http://ns.adobe.com/pdf/1.3/ (in PDF document text)
    • http://ns.adobe.com/xap/1.0/ (in PDF document text)
    • http://ns.adobe.com/xap/1.0/mm/ (in PDF document text)
    • http://ns.adobe.com/xap/1.0/rights/ (in PDF document text)
    • http://scripts.sil.org/OFL (in PDF document text)
    Only the coretry.ru URL is attached to an action (the link annotation); it is the one a click reaches. The w3.org, purl.org and ns.adobe.com entries are XMP/RDF namespace identifiers, scripts.sil.org/OFL is the SIL Open Font License URL and www.ascendercorp.com is a font foundry reference; these are ordinary metadata and font strings, not indicators. The strikinglycdn.com, f-static.net and s123-cdn-static.com links occur in document text only; whether a viewer turns such text into clickable links depends on its auto-link setting.
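The two heuristics above, duplicate object bodies and per-channel URL extraction, can be reproduced outside the sandbox. The Python below is an added example, not the analysis platform's own code: it walks every `N G obj ... endobj` definition in the raw bytes, reports object numbers defined twice with different body bytes, flags whether either copy carries active content, shows which body a first-wins and a last-wins reader would resolve, and lists URLs by channel (a `/URI` action on a link annotation versus text inside a content stream). The PDF it scans is constructed for the example and its domains are placeholders, not the sample's. The regex parsing deliberately ignores object streams, hex strings and escaped parentheses, which a production tool must handle.

```python
import hashlib
import re
import zlib

# Constructed sample (not the analysed file): a tiny PDF followed by an incremental
# update that redefines object 3, the link annotation, with a different /URI target.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj
<< /Type /Catalog /Pages 2 0 R >>
endobj
2 0 obj
<< /Type /Page /Annots [3 0 R] /Contents 4 0 R >>
endobj
3 0 obj
<< /Type /Annot /Subtype /Link /A << /S /URI /URI (https://example.org/agreement.pdf) >> >>
endobj
4 0 obj
<< /Length 53 >>
stream
BT /F1 12 Tf (See https://example.net/form.pdf) Tj ET
endstream
endobj
trailer
<< /Root 1 0 R >>
%%EOF
3 0 obj
<< /Type /Annot /Subtype /Link /A << /S /URI /URI (https://attacker.example/pbw?utm_term=divorce+settlement) >> >>
endobj
trailer
<< /Root 1 0 R /Prev 0 >>
%%EOF
"""

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.S)
STREAM_RE = re.compile(rb"\bstream\r?\n(.*?)\r?\nendstream", re.S)
URI_ACTION_RE = re.compile(rb"/URI\s*\(([^)]*)\)")   # literal strings only, no hex strings
TEXT_URL_RE = re.compile(rb"https?://[^\s()<>\[\]]+")
# Keys that make a duplicate body "active content" rather than a benign re-save.
ACTIVE_KEYS = (b"/JavaScript", b"/JS", b"/Launch", b"/OpenAction", b"/AA",
               b"/URI", b"/SubmitForm", b"/GoToR", b"/RichMedia", b"/EmbeddedFile")


def parse_objects(pdf):
    """{(num, gen): [(offset, body), ...]} in file order, keeping every definition."""
    objs = {}
    for m in OBJ_RE.finditer(pdf):
        key = (int(m.group(1)), int(m.group(2)))
        objs.setdefault(key, []).append((m.start(), m.group(3)))
    return objs


def duplicate_bodies(objs):
    """Objects defined more than once with differing bytes, and whether any copy is active."""
    out = []
    for key, defs in objs.items():
        if len({hashlib.sha256(b).hexdigest() for _, b in defs}) > 1:
            active = any(k in b for _, b in defs for k in ACTIVE_KEYS)
            out.append({"obj": key, "definitions": len(defs), "active": active})
    return out


def resolve(objs, key, policy):
    """Return the body a first-wins or last-wins reader would use for key."""
    defs = objs[key]
    return defs[0][1] if policy == "first" else defs[-1][1]


def stream_payload(body):
    """Best effort: inflate a FlateDecode stream, otherwise return the raw stream bytes."""
    m = STREAM_RE.search(body)
    if not m:
        return b""
    if b"/FlateDecode" in body:
        try:
            return zlib.decompress(m.group(1))
        except zlib.error:
            pass
    return m.group(1)


def extract_urls(objs):
    """(url, channel) pairs over every definition, so both halves of a duplicate are seen."""
    found = []
    for defs in objs.values():
        for _, body in defs:
            channel = "PDF link annotation" if b"/Subtype /Link" in body else "PDF action"
            found += [(u.decode("latin-1"), channel) for u in URI_ACTION_RE.findall(body)]
            found += [(u.decode("latin-1"), "PDF document text")
                      for u in TEXT_URL_RE.findall(stream_payload(body))]
    return found


def analyze(pdf):
    objs = parse_objects(pdf)
    dups = duplicate_bodies(objs)
    resolved = {d["obj"]: {p: [u.decode("latin-1") for u in URI_ACTION_RE.findall(resolve(objs, d["obj"], p))]
                           for p in ("first", "last")} for d in dups}
    return {"duplicates": dups, "urls": extract_urls(objs), "resolved": resolved}


if __name__ == "__main__":
    report = analyze(SAMPLE_PDF)
    for d in report["duplicates"]:
        print("duplicate object", d["obj"], "active" if d["active"] else "inert", report["resolved"][d["obj"]])
    for url, channel in report["urls"]:
        print(f"{channel:20s} {url}")
```

Run against the constructed sample, the script reports object 3 as a duplicate with active content, shows that a first-wins reader resolves the example.org URL while a last-wins reader resolves the attacker.example URL, and lists the example.net URL under document text only. Against a real sample, run it over the raw bytes (never over a copy re-saved by a viewer, which would collapse the duplicate definitions).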

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename                      Kind             Source                                      Size
font_00_sfnt_off0000d8cf.bin  pdf-font-stream  PDF embedded font (sfnt) at offset 0xD8CF   5628 bytes
    SHA-256: d93a8bf5b7e251af279d6ccd463799d5c2acacc3393967dd69ffea95b518becf
font_01_sfnt_off0000ebd5.bin  pdf-font-stream  PDF embedded font (sfnt) at offset 0xEBD5   10428 bytes
    SHA-256: b0d0bbf9ff0185033369963c2ba7cdbea64366c8fe1247e10fe63748b2ed515d
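Embedded fonts are parsed by the PDF reader's native font engine, so a practitioner normally checks that a carved sfnt blob is structurally sane before handing it to any tool. The Python below is an added example and not part of the report's tooling: it parses the sfnt offset table and table directory, rejects anything without a TrueType/OpenType magic, and flags any table whose declared range runs past the end of the blob (a truncated or deliberately malformed font). The font bytes it builds are constructed for the example; the two carved fonts listed above are not reproduced here.

```python
import struct

SFNT_MAGICS = {0x00010000: "TrueType 1.0", 0x74727565: "'true' (Apple)", 0x4F54544F: "'OTTO' (CFF)"}


def build_sample_font(truncate=False):
    """Constructed sfnt blob with two tables; truncate=True chops the last 8 bytes off 'glyf'."""
    tables = [(b"head", b"\x00" * 54), (b"glyf", b"\x00" * 16)]
    # searchRange/entrySelector/rangeShift are not validated below, so any values will do.
    header = struct.pack(">IHHHH", 0x00010000, len(tables), 32, 1, 0)
    offset = 12 + 16 * len(tables)
    directory, body = b"", b""
    for tag, data in tables:
        directory += struct.pack(">4sIII", tag, 0, offset, len(data))  # checksum left at 0
        body += data
        offset += len(data)
    font = header + directory + body
    return font[:-8] if truncate else font


def parse_sfnt(blob):
    """Parse the offset table and table directory; report tables that extend past EOF."""
    if len(blob) < 12:
        raise ValueError("too short for an sfnt header")
    magic, num_tables = struct.unpack(">IH", blob[:6])
    if magic not in SFNT_MAGICS:
        raise ValueError(f"not an sfnt: magic 0x{magic:08x}")
    tables, issues = {}, []
    for i in range(num_tables):
        off = 12 + 16 * i
        if off + 16 > len(blob):
            issues.append(f"table directory truncated at entry {i}")
            break
        tag, _checksum, toff, tlen = struct.unpack(">4sIII", blob[off:off + 16])
        name = tag.decode("latin-1")
        tables[name] = (toff, tlen)
        if toff + tlen > len(blob):
            issues.append(f"{name} extends {toff + tlen - len(blob)} bytes past EOF")
    return {"kind": SFNT_MAGICS[magic], "tables": tables, "issues": issues}


if __name__ == "__main__":
    for label, blob in (("intact", build_sample_font()), ("truncated", build_sample_font(truncate=True))):
        print(label, parse_sfnt(blob))
```

To apply it to the carved artifacts, read `font_00_sfnt_off0000d8cf.bin` and `font_01_sfnt_off0000ebd5.bin` as bytes and pass them to `parse_sfnt`; an empty `issues` list only says the directory is self-consistent, not that the glyph data is benign.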