Malicious PDF — malware analysis report

Static analysis result for SHA-256 788e86a3656a9239…

Verdict: MALICIOUS
File type: PDF
Size: 79.1 KB
Created: 2021-03-14 23:17:08 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: 28c2cb3015b55d17a0935bc128106285
SHA-1: 2b23b744898f71fa3de81ce790e551d6c7f65f62
SHA-256: 788e86a3656a92397b823615f3135fda6058dcbfee0babc2e400dec2acd63518
Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF carries an external URI action that sends the reader to a suspicious domain (seumenha.ru), consistent with phishing or malware distribution. The ML classifier and the ClamAV signature both flag the file as malicious. The document body, although partially corrupted, reads as an appliance-repair lure (the link's query string references opening a KitchenAid trash compactor), a common social-engineering theme. The authoring application, wkhtmltopdf, renders HTML pages to PDF, which is consistent with the large number of hyperlinks recovered from the body. Note that the T1059.007 (JavaScript) mapping is not backed by a JavaScript heuristic in this report; the only active content the heuristics observed is the URI action.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9961

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 [critical] CLAMAV_DETECTION
    ClamAV detected this file as malware under the signature named above.
  • External URI [info] PDF_URI
    The PDF contains an external URI action (a link that opens a URL outside the document).
  • Object number defined twice with different bodies [info] PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL [info] EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection; the per-URL labels indicate which channel (macro, JS, link annotation, document body, ...) reached each URL. The w3.org, purl.org and ns.adobe.com entries at the end of the list are XMP metadata namespace identifiers rather than hyperlinks, and the scripts.sil.org/OFL entry is a font-licence URL, most likely carried in the embedded fonts' metadata.
    URL: https://seumenha.ru/strik?utm_term=how+to+open+kitchenaid+trash+compactor
    Other URLs extracted from the document:
    • http://ruwozapezorirar.iblogger.org/liribizivorexudivola.pdf
    • http://zosujobitusup.iblogger.org/the_jungle_primary_source_analysis_worksheet.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://uploads.strikinglycdn.com/files/194ce3ec-99fb-4204-a643-1ab3886fe951/are_doctors_still_doing_home_visits.pdf
    • http://vuzudaru.epizy.com/business_cards_mockup.pdf
    • https://uploads.strikinglycdn.com/files/6a374588-793f-4e1a-86c9-0bf3b0f0e67f/canon_lide_220_manual_mac.pdf
    • https://s3.amazonaws.com/sazixipame/catalogo_esselunga_2013.pdf
    • https://uploads.strikinglycdn.com/files/7299b2dc-255c-49e4-8a59-08e609379186/vokedozelevipekugojinev.pdf
    • https://s3.amazonaws.com/gateme/agri_market_app.pdf
    • https://s3.amazonaws.com/davolazupivowi/google_data_studio_conditional_formatting.pdf
    • http://satuzexo.epizy.com/79981046287.pdf
    • https://6440a9f6-5e82-4153-977b-4ffe9374ec4a.filesusr.com/ugd/7182f3_907cfc1930be4542b0ce143c6d20d641.pdf?index=true
    • https://9b56c271-8e60-4ff0-96d1-8930f8c082f8.filesusr.com/ugd/5a1ab0_83e36624ebce4764843549ec83ee7813.pdf?index=true
    • https://1416a32c-f91c-4ec3-9c10-bfdf610c7df7.filesusr.com/ugd/76de1a_83f87562d9954f239a7dc17dd2391bea.pdf?index=true
    • http://nofugodevi.rf.gd/how_to_use_playstation_move_motion_controller.pdf
    • https://uploads.strikinglycdn.com/files/652af2a7-3932-4d06-b457-7688f64dc961/fewebajogu.pdf
    • http://datidogebe.epizy.com/97884927621.pdf
    • https://uploads.strikinglycdn.com/files/67ffa8fd-8aa3-4c43-8344-36b8bac1d9d2/what_does_dapple_grey_mare_patronus_mean.pdf
    • http://jagakemiwowinig.epizy.com/how_to_install_d_link_dir_655_router_firmware_update.pdf
    • https://uploads.strikinglycdn.com/files/937e3df5-03f3-46f7-9669-e9ad0636ffec/9504999235.pdf
    • https://s3.amazonaws.com/nilititonawafim/1183579702.pdf
    • https://6a8c3f3f-5248-4e80-80e0-4bf2c04f72bc.filesusr.com/ugd/8b2c09_c4b1d6d0552f41fa925511268e4479c3.pdf?index=true
    • https://2dcb0092-dd22-4cef-90c1-8c398f802bb7.filesusr.com/ugd/ff3115_6f521359ac004260bd4a328de0417c25.pdf?index=true
    • http://bonatufumujipad.epizy.com/arithmetic_sequence_worksheet_8th_grade.pdf
    • https://uploads.strikinglycdn.com/files/408d4706-85fe-4362-ae98-b8edb41f3c9c/rosozadobojovefu.pdf
    • http://roxutudutupit.epizy.com/aplikasi_twitter_lite_apk.pdf
    • https://s3.amazonaws.com/jevelel/big_green_egg_beef_short_ribs_recipe.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL
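The PDF_URI and PDF_DUPLICATE_OBJ_BODY_INCREMENTAL findings above can be reproduced with a byte-level scan rather than a full PDF parser. The following is an added example and not the report's own tooling: it walks the raw file for "N G obj ... endobj" definitions, reports any object number and generation defined more than once with different bodies, resolves each duplicate the way a first-wins and a last-wins reader would, pulls the /URI targets out of every variant and labels the channel (link annotation or JavaScript) that reaches them. The sample PDF, its object layout and the placeholder URLs (example.org and evil.invalid) are constructed for the example; its xref offsets are dummies that the scanner never reads, and stream contents are not decoded.

```python
# Added example: triage scanner for duplicate indirect objects and URI actions.
# Not the analysed sample and not the report's tooling; the PDF below is
# constructed inline so the script runs offline.
import re
from collections import defaultdict

# "N G obj <body> endobj"; the lookbehind stops "10 0 obj" matching as "0 0 obj".
OBJ_RE = re.compile(rb"(?<![0-9])(\d+)\s+(\d+)\s+obj\b(.*?)endobj", re.DOTALL)
# /URI (...) with backslash escapes allowed inside the literal string.
URI_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")
LINK_RE = re.compile(rb"/Subtype\s*/Link\b")
# Keys whose presence makes a duplicate body "active content" for severity.
ACTIVE_KEYS = (b"/URI", b"/JavaScript", b"/JS", b"/Launch", b"/OpenAction",
               b"/AA", b"/SubmitForm", b"/GoToR")

# Constructed sample: a link annotation (object 4) that an appended
# incremental update redefines with a different target. Placeholder hosts,
# placeholder xref offsets.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R] >> endobj\n"
    b"4 0 obj << /Type /Annot /Subtype /Link /Rect [0 0 100 20]\n"
    b"   /A << /S /URI /URI (https://example.org/manual.pdf) >> >> endobj\n"
    b"xref\n0 5\ntrailer << /Size 5 /Root 1 0 R >>\nstartxref\n0\n%%EOF\n"
    # Incremental update: same object number and generation, new body bytes.
    b"4 0 obj << /Type /Annot /Subtype /Link /Rect [0 0 100 20]\n"
    b"   /A << /S /URI /URI (https://evil.invalid/strik) >> >> endobj\n"
    b"trailer << /Size 5 /Root 1 0 R /Prev 0 >>\nstartxref\n500\n%%EOF\n"
)


def scan_objects(data):
    """Every body seen for each (num, gen), in file order."""
    seen = defaultdict(list)
    for m in OBJ_RE.finditer(data):
        seen[(int(m.group(1)), int(m.group(2)))].append(m.group(3).strip())
    return dict(seen)


def duplicate_bodies(objs):
    """Objects defined more than once whose body bytes differ."""
    return {k: v for k, v in objs.items() if len(set(v)) > 1}


def extract_uris(body):
    """All /URI string targets in one object body."""
    return [m.group(1).decode("latin-1") for m in URI_RE.finditer(body)]


def channel(body):
    """Rough label for how a URL is reached (substring check, triage only)."""
    if b"/JavaScript" in body or b"/JS" in body:
        return "javascript"
    if LINK_RE.search(body):
        return "link annotation"
    return "other"


def is_active(body):
    return any(k in body for k in ACTIVE_KEYS)


def resolve(objs, key, policy="last"):
    """Body a first-wins or last-wins reader would use for this object."""
    bodies = objs[key]
    return bodies[-1] if policy == "last" else bodies[0]


def triage(data):
    """One finding per (num, gen) defined more than once with different bodies."""
    objs = scan_objects(data)
    findings = []
    for key, bodies in sorted(duplicate_bodies(objs).items()):
        first, last = resolve(objs, key, "first"), resolve(objs, key, "last")
        findings.append({
            "object": f"{key[0]} {key[1]}",
            "definitions": len(bodies),
            "active": is_active(first) or is_active(last),
            "channel": channel(last),
            "first_wins_uris": extract_uris(first),
            "last_wins_uris": extract_uris(last),
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_PDF):
        print(finding)
```

Run against a real file, the interesting case is a duplicate where one variant is inert and the other carries a /URI, /JS or /Launch action: a viewer that honours the incremental update and a static tool that stops at the first definition will disagree about what the document does, which is exactly why the heuristic raises severity only when active content is involved.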

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename: font_00_sfnt_off0000f78f.bin
  SHA-256: fc0e5ef941d2e036a4b25127674d11d28e6c4e75cfe49e4590bf667598797092
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xF78F
  Size: 5400 bytes

Filename: font_01_sfnt_off000109ce.bin
  SHA-256: 1f1e9e8a57afff27b5bc99cb0e842d6dfec3df16916d9aabb6745773d56abba9
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0x109CE
  Size: 10668 bytes