Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://dafemum.ru/wix?keyword=fluke+co-220+manual

  • http://bijowuxupolapi.sportsontheweb.net/teledejuxefowizejeva.pdf
  • http://barajofa.mywebcommunity.org/duwiwumo.pdf
  • http://rijewomel.scienceontheweb.net/1999_mercury_150_xr6_for_sale.pdf
  • http://rojemop.iblogger.org/baby_groot_drawing_easy.pdf
  • http://batezelokev.iblogger.org/minecraft_hoppers_guide.pdf
  • http://www.ascendercorp.com/
  • http://www.ascendercorp.com/typedesigners.html
  • https://s3.amazonaws.com/tipikaxe/bpsc_question_paper_2018_64th.pdf
  • https://uploads.strikinglycdn.com/files/aa2edd87-0890-4c82-94ed-9fe5b9b801cb/why_is_my_wireless_keyboard_not_connecting_to_my_ipad_pro.pdf
  • http://jopugobov.rf.gd/dozekupewodasavagewa.pdf
  • https://s3.amazonaws.com/gifojuxaxeva/best_ps1_emulator_for_android_2019.pdf
  • https://uploads.strikinglycdn.com/files/7d6efef3-4ff6-44b1-a74a-98bf77d1519a/lucky_jim_chapter_summary.pdf
  • http://pasulupumorowim.myartsonline.com/chipotle_nutrition_info.pdf
  • https://uploads.strikinglycdn.com/files/3c04d0d6-db78-4f47-aa68-71ad88b98bed/xbox_one_controller_bluetooth.pdf
  • http://jilagikudi.rf.gd/2nd_grade_reading_comprehension_book.pdf
  • https://uploads.strikinglycdn.com/files/e349951a-686e-4ab5-b829-d8a8b53151a1/dell_poweredge_r710_datenblatt.pdf
  • https://uploads.strikinglycdn.com/files/fdbb36be-046a-4b05-a4ef-159285c773e7/3847454938.pdf
  • http://supajiwa.myartsonline.com/54549739427.pdf
  • https://uploads.strikinglycdn.com/files/4a5045f7-7c61-4aba-b6de-af342ed4773d/most_important_events_in_spains_history.pdf
  • https://s3.amazonaws.com/kozibowisenatu/chaos_horntail_guide.pdf
  • https://s3.amazonaws.com/wokesabisevo/chuck_full_episodes.pdf
  • http://ledudixip.epizy.com/10892569694.pdf
  • https://s3.amazonaws.com/boxujetanonikuv/chaka_dolla_ghetto_boy_song.pdf
  • https://uploads.strikinglycdn.com/files/80aa4a13-ca64-4c5f-be64-cc642e004fd9/books_of_the_bible_song_words.pdf
  • https://s3.amazonaws.com/wamatasamegu/kpi_template_powerpoint.pdf
  • https://s3.amazonaws.com/dukexajuj/65783747315.pdf
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • http://purl.org/dc/elements/1.1/
  • http://ns.adobe.com/pdf/1.3/
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/rights/
  • http://scripts.sil.org/OFL

Open this report in the interactive analyzer, or submit your own file for analysis.