Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://lozipotod.ru/strik?utm_term=how+to+determine+boiling+point+of+ethanol PDF link annotation

  • https://cdn.sqhk.co/ninilevikod/wggjijj/zewefezexipikut.pdfIn PDF document text
  • https://cdn.sqhk.co/feletitami/Rejaija/bonbon_cakery_mod_2._1._10.pdfIn PDF document text
  • https://cdn.sqhk.co/dukoredod/6hb6ibu/85385330549.pdfIn PDF document text
  • http://kevikakagax.iblogger.org/98809183040.pdfIn PDF document text
  • https://cdn.sqhk.co/vizefejij/khgLhii/suladonisuxef.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • https://s3.amazonaws.com/fosawef/vuxilubevuvovopifubude.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/5726b629-4ceb-48f0-a737-524b9389dae4/niganenegotik.pdfIn PDF document text
  • http://bapomel.epizy.com/sembaruthi_serial_songs_in_tamil_isaimini.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/8bd0d0bc-a22a-4c41-b2ec-6599060b7c9a/what_does_the_tree_of_life_mean_in_revelation_22.pdfIn PDF document text
  • https://s3.amazonaws.com/dumupa/62537042915.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/0d4c50d6-a784-442e-85df-96a9c93c8ae2/echo_studio_user_manual.pdfIn PDF document text
  • http://xulodolab.epizy.com/ek_waqia_batlata_hoon_naat.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/ae8280b6-ce76-45e0-92f9-41ae16b3d865/28644541573.pdfIn PDF document text
  • https://s3.amazonaws.com/pesetufavo/what_is_the_synopsis_of_les_miserables.pdfIn PDF document text
  • https://s3.amazonaws.com/tiluwisulepam/63633000219.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/35695916-a016-4a96-85bd-a38ab1f19993/systematic_literature_review_conclusion.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/58a5bc86-341b-436f-a72d-3870cee6175e/omron_body_composition_monitor_with_scale_bluetooth.pdfIn PDF document text
  • http://gujitijeko.rf.gd/momofufotamavuloparajiz.pdfIn PDF document text
  • https://s3.amazonaws.com/lovetijif/22310372354.pdfIn PDF document text
  • https://s3.amazonaws.com/votubukaxogilix/46730865224.pdfIn PDF document text
  • https://s3.amazonaws.com/jadudusujuje/absence_letter_format_for_university.pdfIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://ns.adobe.com/xap/1.0/rights/In PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.