Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://seumenha.ru/strik?utm_term=what+happened+at+the+end+of+a+streetcar+named+desire

  • http://lipuwisapi.mywebcommunity.org/22457140848.pdf
  • http://novijixonusasu.mywebcommunity.org/the_difference_between_male_and_female_brains_youtube.pdf
  • http://rulajamizap.getenjoyment.net/posterior_cerebral_artery_stroke.pdf
  • http://nariwunuzaw.scienceontheweb.net/38454052534.pdf
  • http://vuzuwul.getenjoyment.net/edit_pages_in_photoshop.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://s3.amazonaws.com/dubiditiginowo/72779738577.pdf
  • http://rolubumemetujin.atwebpages.com/winters_bone_parental_review.pdf
  • https://s3.amazonaws.com/jukoxisojow/balunga_toka_song.pdf
  • https://18cb0a1d-3822-48a5-9ca0-56465202bc9b.filesusr.com/ugd/96564c_f3d413bc0cb843649d42875bc7e2e488.pdf?index=true
  • https://e4034479-4ead-418b-af8c-5be8dc72bdbe.filesusr.com/ugd/1e8759_4e56d4d281df4429922194d3360ff9b0.pdf?index=true
  • https://uploads.strikinglycdn.com/files/6a33b47d-8513-44f2-8504-6ae91bb98733/breadman_plus_bread_machine_manual.pdf
  • https://uploads.strikinglycdn.com/files/2853032f-5406-4db1-acce-6ae2c7601af0/maneuvering_board_lessons.pdf
  • https://484a0fbd-04e0-416f-b335-41eb3f66808b.filesusr.com/ugd/228afb_0cd8a1ec024c4cc1b9ca4d519584f1c4.pdf?index=true
  • https://s3.amazonaws.com/votawawo/evolution_of_earth_s_atmosphere_worksheet.pdf
  • https://19e6fc83-c281-4d06-93fd-e8b16a02b90a.filesusr.com/ugd/ce5d00_b9f280492410412f95313282d7448a39.pdf?index=true
  • https://uploads.strikinglycdn.com/files/78c72525-337a-4765-92f2-f90f9d342b89/why_was_the_lincoln_douglas_debates_so_important_in_the_lead_up_to_the_civil_war.pdf
  • https://s3.amazonaws.com/rebomedug/free_cursive_handwriting_worksheets_for_third_grade.pdf
  • http://zitadufafasid.onlinewebshop.net/metamorphosis_meaning_franz_kafka.pdf
  • https://uploads.strikinglycdn.com/files/db4970dd-d824-4962-b90b-ff38f73c94bd/god_is_redeemer_verse.pdf
  • https://s3.amazonaws.com/pevarijidasalop/hypertension_cookbook_for_dummies.pdf
  • https://uploads.strikinglycdn.com/files/bc5b4f8f-bb7d-4c2e-b32f-617b2a9b0acc/ford_3000_gas_tractor_battery_specs.pdf
  • https://30c74dc1-c3f2-4e71-8253-1ec84f3b94e1.filesusr.com/ugd/b8c6fa_2360edd0237e4398a725aced4d1e627f.pdf?index=true
  • https://2903667b-e544-4972-ac7f-e5855aaa9b37.filesusr.com/ugd/2cc660_e2b0ba2edaeb41c685a154593192ab07.pdf?index=true
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.