Malicious PDF — malware analysis report

Static analysis result for SHA-256 b62e555b1ddd7274…

Verdict: MALICIOUS
File type: PDF
Size: 81.8 KB
Created: 2021-04-08 05:34:28 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: dff9d9aa1417070bcc44831b7ccee24b
SHA-1: ac6457267e203e4131a3f429f93c4c624e8b98cc
SHA-256: b62e555b1ddd72745c91f83b7783cbcb956b9cd32f6372d2dfcf31b7199bba28
Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF file contains an embedded URI that redirects to a URL disguised as a movie link, likely to trick users into downloading malware. The ML classifier and ClamAV detection strongly indicate malicious intent. The presence of multiple unknown URLs suggests a phishing or malware distribution campaign.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9995

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL action target: https://xajibur.ru/123?utm_term=badshah+the+don+bengali+full+movie

Extracted artifacts (3)

Files carved from inside the sample during analysis.

Filename | SHA-256 | Kind | Source | Size
font_00_sfnt_off0000d7a0.bin | b27dce2bead0b40fbd6eeca0d1599685f62fbc4aabe5fe9658b979f9c8c082fa | pdf-font-stream | PDF embedded font (sfnt) at offset 0xD7A0 | 5476 bytes
font_01_sfnt_off0000ea26.bin | e2464296765d178014c8282a57fdb1d7123a87503a36c9ff481efc317c985334 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xEA26 | 14152 bytes
font_02_sfnt_off000114f2.bin | c0329fbbe213e999049f8edfaf437a39cd7270b24afc6656ec8811b3de3838ee | pdf-font-stream | PDF embedded font (sfnt) at offset 0x114F2 | 10652 bytes