Malicious PDF — malware analysis report

Static analysis result for SHA-256 8d5b1a81d99644bf…

Verdict: MALICIOUS
File type: PDF
Size: 81.6 KB
Created: 2021-03-23 18:43:30 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: b7407fd7ed68f9b539852b34604b37dc
SHA-1: b8ef243c4c12581e829b26dfcdd833a8e8c88d0a
SHA-256: 8d5b1a81d99644bf50c3485f424c89800485b3add0d592ee9416d877ab02d49f
Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF carries a link action whose URL points at a site posing as the source of a "computer mediated communication definition pdf" document (the keyword in the query string), most likely a phishing lure aimed at people searching for that document. The ML classifier and the ClamAV signature both indicate malicious intent. No JavaScript or other scripts were extracted; the PDF structure and the external URI action point to a document whose purpose is to redirect the reader to an attacker-controlled site. The producer string (wkhtmltopdf, an HTML-to-PDF renderer) is consistent with a lure page converted to PDF, but producer and creation-date metadata are attacker-controlled and should not be relied on as evidence by themselves.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9994

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. A first-wins reader and a last-wins reader will therefore resolve different content, a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate definition carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • URL https://leonvi.ru/award?keyword=computer+mediated+communication+definition+pdf
    • http://puvinizozibejir.mygamesonline.org/rode_videomic_pro_iphone.pdf
    • http://goladelexugezi.sportsontheweb.net/the_queen_s_gambit_book.pdf
    • http://zukoretevir.medianewsonline.com/buona_beef_nutrition.pdf
    • http://dekoratifazanu.22web.org/962266876.pdf
    • http://dugarudewemudo.sportsontheweb.net/dujakosisevi.pdf
    • http://norikaloro.mywebcommunity.org/pawupejexim.pdf
    • http://liwitesuzemumex.sportsontheweb.net/riesgo_y_rendimiento_financiero.pdf
    • http://zisezamerares.mygamesonline.org/salinakopiwas.pdf
    • http://mojenisijita.mywebcommunity.org/temetobodoxiwe.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • http://tesoxukezeziles.epizy.com/ladugobefomewuwabisi.pdf
    • http://xeravujowa.epizy.com/tagalog_logic_questions_with_answers.pdf
    • https://101c3d73-5e22-4da1-a203-a3a2a794ce88.filesusr.com/ugd/69a512_4c3f44c696aa407dadd1acaf89ec74e5.pdf?index=true
    • http://vexolofifete.atwebpages.com/bepekowogizinijuvodelinoz.pdf
    • https://33c7e2ec-32fc-4676-a642-9d95a4379e01.filesusr.com/ugd/622218_dc1270163b444e6796c8aa18f798e986.pdf?index=true
    • http://mowadavukusut.epizy.com/lepomotinirojikaf.pdf
    • https://3dcfbd4a-ef33-49dc-a04a-0aaf5307c30d.filesusr.com/ugd/b47706_e03fa80a7ff04f38aefcfcb52f41bff4.pdf?index=true
    • https://ab0007c4-58ca-4db2-ab23-686bae4d53c1.filesusr.com/ugd/8bf248_42fff898ed39456bb0579a12f6ff877a.pdf?index=true
    • https://29159626-56e2-4eb2-a8c1-eb081f451e44.filesusr.com/ugd/a58502_7475837d8ba7441084805327641eeb76.pdf?index=true
    • http://perotufusutukes.epizy.com/sun_joe_pressure_washer_black_friday_deal.pdf
    • http://daponub.epizy.com/rang_de_basanti_video_songs_mp4.pdf
    • https://da99f664-88c7-4a27-98aa-0bbcec2e8f57.filesusr.com/ugd/66f3f9_dec0edeb87c0494589f4076632a64dfc.pdf?index=true
    • http://wimanusor.epizy.com/pabosezoxiponuzitojeloma.pdf
    • https://44bb6ee8-a0fe-4f72-890f-0f0a2fec05cf.filesusr.com/ugd/b65acf_9d6633e7610b46b599409424862461c3.pdf?index=true
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL
    The w3.org, purl.org and ns.adobe.com entries are XMP metadata namespace identifiers rather than navigable links, and http://scripts.sil.org/OFL is the SIL Open Font License URL commonly carried in font metadata; none of them should be read as lure URLs.
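The following is an added example, not the analyser's own code, of how the two structural heuristics above (PDF_DUPLICATE_OBJ_BODY_INCREMENTAL and PDF_URI / EMBEDDED_URL) can be implemented over raw PDF bytes. It parses `N G obj ... endobj` definitions with regexes rather than a real PDF lexer, so it will miss objects packed into compressed object streams, but it is enough to show why first-wins and last-wins readers disagree and how a redefinition that introduces a /URI action is distinguished from a harmless metadata update. SAMPLE_PDF, its object numbers and the example.invalid URL are constructed for the demonstration and are not taken from the sample analysed here.

```python
# Added example for this report (not the analyser's own code): a byte-level
# scanner for the PDF_DUPLICATE_OBJ_BODY_INCREMENTAL and PDF_URI heuristics.
# Regexes over raw bytes stand in for a real PDF parser, so objects inside
# compressed object streams are not seen. SAMPLE_PDF is constructed here.
import re
from collections import defaultdict

# "N G obj <body> endobj": one indirect object definition, non-greedy body
OBJ_RE = re.compile(rb"(?<![0-9])(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.DOTALL)
# /URI (literal string) inside an action dictionary, backslash escapes allowed
URI_ACTION_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)", re.DOTALL)
# any URL-looking token anywhere in the file (page text, XMP, font metadata)
RAW_URL_RE = re.compile(rb"https?://[^\s<>()\[\]\"']+")
# keys whose presence in a redefined object counts as "active content"
ACTIVE_KEYS = (b"/JS", b"/JavaScript", b"/Launch", b"/OpenAction", b"/AA",
               b"/URI", b"/SubmitForm", b"/GoToR", b"/EmbeddedFile")

# Constructed sample: an original document plus an incremental update that
# redefines object 4 (adds a /URI action) and object 5 (metadata only).
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /Metadata 6 0 R >>\nendobj\n"
    b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n"
    b"3 0 obj\n<< /Type /Page /Parent 2 0 R /Annots [4 0 R] >>\nendobj\n"
    b"4 0 obj\n<< /Type /Annot /Subtype /Link /Rect [0 0 100 20] >>\nendobj\n"
    b"5 0 obj\n<< /Title (report) >>\nendobj\n"
    b'6 0 obj\n<< /Type /Metadata >>\nstream\n'
    b'<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"/>\n'
    b"endstream\nendobj\n"
    b"trailer\n<< /Root 1 0 R /Size 7 >>\n%%EOF\n"
    # incremental update section
    b"4 0 obj\n<< /Type /Annot /Subtype /Link /Rect [0 0 100 20] "
    b"/A << /S /URI /URI (https://example.invalid/lure?keyword=definition+pdf) >> >>\n"
    b"endobj\n"
    b"5 0 obj\n<< /Title (report v2) >>\nendobj\n"
    b"trailer\n<< /Root 1 0 R /Size 7 >>\n%%EOF\n"
)


def parse_objects(data: bytes) -> dict:
    """Map (num, gen) -> list of body bytes in file order, duplicates kept."""
    objs = defaultdict(list)
    for m in OBJ_RE.finditer(data):
        objs[(int(m.group(1)), int(m.group(2)))].append(m.group(3).strip())
    return dict(objs)


def resolve(data: bytes, key: tuple, policy: str = "last") -> bytes:
    """Body a reader sees for `key` under a first-wins or last-wins policy."""
    bodies = parse_objects(data)[key]
    return bodies[0] if policy == "first" else bodies[-1]


def find_duplicate_objects(data: bytes) -> list:
    """Objects defined more than once with differing bodies.

    Body-only differences stay at 'info' (normal for incremental updates);
    severity is raised to 'high' when a redefinition carries active content.
    """
    findings = []
    for key, bodies in parse_objects(data).items():
        if len(bodies) < 2 or len(set(bodies)) < 2:
            continue
        redefinitions = bodies[1:]
        active = any(k in b for b in redefinitions for k in ACTIVE_KEYS)
        findings.append({
            "obj": key, "count": len(bodies),
            "first_wins": bodies[0], "last_wins": bodies[-1],
            "severity": "high" if active else "info",
        })
    return findings


def _unescape(s: bytes) -> str:
    """Minimal PDF literal-string unescape for \\( \\) and \\\\."""
    return re.sub(rb"\\([()\\])", rb"\1", s).decode("latin-1")


def extract_urls(data: bytes) -> list:
    """(channel, url) pairs: 'uri_action' for /URI actions, 'body' otherwise."""
    found = [("uri_action", _unescape(m.group(1))) for m in URI_ACTION_RE.finditer(data)]
    action_urls = {u for _, u in found}
    for m in RAW_URL_RE.finditer(data):
        url = m.group(0).decode("latin-1")
        if url not in action_urls:
            found.append(("body", url))
    return found


if __name__ == "__main__":
    for f in find_duplicate_objects(SAMPLE_PDF):
        print(f["obj"], f["severity"], "first:", f["first_wins"], "last:", f["last_wins"])
    for channel, url in extract_urls(SAMPLE_PDF):
        print(channel, url)
```

On the constructed sample, object 4 is reported at high severity because its redefinition introduces a /URI action (a first-wins reader shows a dead link annotation, a last-wins reader shows the live one), while object 5 stays at info because only the title string changed. The XMP namespace URL is surfaced through the "body" channel, which is why the report lists the namespace identifiers separately from the link-annotation URL. A third reader behaviour, following the cross-reference table rather than scanning, is not modelled here and is the reason a full parser is needed for production use.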

Extracted artifacts (2)

Files carved from inside the sample during analysis.

font_00_sfnt_off00010060.bin
    SHA-256: d0c98728e1b89f20b20844f7b937e4bc11a099af541d0b073e3cfbc3883449be
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt, i.e. a TrueType/OpenType container) at offset 0x10060
    Size: 4996 bytes
font_01_sfnt_off00011145.bin
    SHA-256: 8545226801f0e0fe33100615d7d50afcb5b2f2e08a7f16691c26d46207403cf1
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt, i.e. a TrueType/OpenType container) at offset 0x11145
    Size: 11488 bytes