Malicious PDF — malware analysis report

Static analysis result for SHA-256 b36f17e564d3b59a…

Verdict: MALICIOUS
File type: PDF
Size: 81.2 KB
Created: 2021-03-20 13:25:41 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: 42c246fc53a0f0061cac39805127b532
SHA-1: 707ed9c120e7b35898f3357e4372e60307753fa6
SHA-256: b36f17e564d3b59a976bbbcc9d05e02886a2c1a2bf1af4886fbdc5aac04b048d
Risk Score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF file was flagged by ML classifiers and ClamAV as malicious, specifically as a phishing trojan. It contains an embedded URI pointing to 'vilenefex.ru', which is likely part of a phishing or malware distribution scheme. The document body, though heavily obfuscated, suggests a lure related to 'Legends legacy of the dragons', aiming to entice users to click the malicious link.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.9967

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 (severity: critical, tag: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI (severity: info, tag: PDF_URI)
    The PDF contains an external URL action.
  • Object number defined twice with different bodies (severity: info, tag: PDF_DUPLICATE_OBJ_BODY_INCREMENTAL)
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL (severity: info, tag: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • URL https://vilenefex.ru/wix?keyword=legends+legacy+of+the+dragons

Extracted artifacts (2)

Files carved from inside the sample during analysis.

  • Filename: font_00_sfnt_off0000ff9d.bin
    SHA-256: 4482cd619b0c196d2b0c83029e26f3c545cb0393cc54b12ec4b7dff7d3f73f5b
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xFF9D
    Size: 5328 bytes
  • Filename: font_01_sfnt_off000111c7.bin
    SHA-256: b0abe17163b16ebf6a745bcba6c6d98f71c1af9ce62b2818f0909060953b577a
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0x111C7
    Size: 10452 bytes