Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://dafemum.ru/wix?keyword=golf+clash+mod+apk+unlimited+money+and+gems+2019

  • https://cdn-cms.f-static.net/uploads/4414342/normal_603250eba24be.pdf
  • https://static.s123-cdn-static.com/uploads/4427544/normal_5ffcd1e9caafc.pdf
  • http://jokojujut.medianewsonline.com/tebuxoju.pdf
  • http://gadatoreneperil.mygamesonline.org/administrao_pblica_concursos.pdf
  • http://tuzogat.sportsontheweb.net/essay_on_myself_in_english.pdf
  • http://lipexifinidoda.scienceontheweb.net/32686007882.pdf
  • https://cdn-cms.f-static.net/uploads/4375894/normal_6011ec24b17a9.pdf
  • https://cdn-cms.f-static.net/uploads/4370064/normal_60510eb15ce9d.pdf
  • http://fumexijana.getenjoyment.net/782906272.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://uploads.strikinglycdn.com/files/283c4548-7a13-4b3a-80ae-5dc6378a24d0/how_to_balance_chemical_equations_examples.pdf
  • https://uploads.strikinglycdn.com/files/f36ce070-896e-4a14-94d7-05c63e48af45/why_is_my_lg_tv_screen_flickering.pdf
  • https://uploads.strikinglycdn.com/files/59297b1e-4de2-4763-8c67-97cbaac14e7c/26336192480.pdf
  • https://uploads.strikinglycdn.com/files/2f135b17-335c-4175-af6f-2b9cc0ad356c/qurani_ayat_with_urdu_meaning.pdf
  • http://taberadajip.atwebpages.com/tom_sawyer_kalandjai_film_1973.pdf
  • https://uploads.strikinglycdn.com/files/0ceb4673-fdb1-4c2b-8e21-909b69751a78/elite_23l_digital_air_fryer_oven_black.pdf
  • https://uploads.strikinglycdn.com/files/6db6ecea-a856-49b1-b537-2fedb0c49a6f/anatomy__physiology_coloring_workbook_answers_chapter_2.pdf
  • https://uploads.strikinglycdn.com/files/80e26e23-9c57-4de5-be22-60fd425f40db/modern_mathematical_statistics_with_applications_second_edition_solutions_manual.pdf
  • https://uploads.strikinglycdn.com/files/ab20c9ec-d20f-45ba-867a-d4b6e4657af3/woxinod.pdf
  • https://uploads.strikinglycdn.com/files/e1a54a5a-950e-4895-979a-c3cef9ec488e/what_is_the_best_app_for_soccer.pdf
  • https://uploads.strikinglycdn.com/files/82e66523-368d-4968-936e-a5ca4b32513b/sexururadesedexabafuwa.pdf
  • https://uploads.strikinglycdn.com/files/15df8254-ba5d-4a64-990c-0713c1dfc787/asus_maximus_viii_hero_bios_update_anleitung.pdf
  • https://uploads.strikinglycdn.com/files/e74728c4-63dd-44d1-9583-e702871939b6/12_week_strength_and_conditioning_program_mma.pdf
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.