Malicious PDF — malware analysis report

Static analysis result for SHA-256 b6b051ee6306979b…

Verdict: MALICIOUS
File type: PDF
Size: 74.6 KB
Created: 2021-06-12 16:15:49 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: b6ec331d4a3ef0600be34fdfe3a57698
SHA-1: dfa372a9221303e74e10159bd63f866c6f9a2953
SHA-256: b6b051ee6306979b0043056782fdd85285fb85fbf7fe4ff6d57fcddbdec6ecc5
Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF file was flagged by a machine learning classifier and ClamAV as malicious, specifically as a phishing trojan. The document body, though heavily obfuscated, contains references to 'Vivah movie hd video' and the authoring application 'wkhtmltopdf', suggesting a lure to entice users to click on embedded links. The primary IOC is a URL hosted on 'ketchas.ru' which is likely the destination for the phishing or malware download.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9997

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://ketchas.ru/pbw?utm_term=vivah+movie+hd+video

Extracted artifacts (2)

Files carved from inside the sample during analysis.

  • Filename: font_00_sfnt_off0000e8c6.bin
    SHA-256: a3dc2887270bf54ccc4bc0af0951dea108e5077ec06b537823a410c99d4a3693
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xE8C6
    Size: 4784 bytes
  • Filename: font_01_sfnt_off0000f8f1.bin
    SHA-256: 77ad5f35ed1ca16bcda1392223c5106e4fd572e55d7aacb54de706b6a2e13030
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xF8F1
    Size: 10608 bytes