Malicious PDF — malware analysis report

Static analysis result for SHA-256 bdccd0108e755df0…

Verdict: MALICIOUS
File type: PDF
Size: 87.2 KB
Created: 2021-03-11 16:35:24 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: a64586033609072857cd7a579811d27c
SHA-1: d8c6ae961b64b74c35052f6c512cddf24a625123
SHA-256: bdccd0108e755df0d4e9d651ad5fbed1693a57b2e23c0d4e93d1ad1f54343521
Risk score: 96

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1059.007 JavaScript

The file is classified as malicious by the ML classifier (Nyx PDF Classifier, score 0.9964) and by ClamAV, whose detection name (Pdf.Phishing.Trojan-...) labels it a phishing lure rather than an exploit document. The PDF was rendered from an HTML page by wkhtmltopdf and carries an external URI action plus several dozen embedded links. The primary link (kuzutuzo.ru/award?keyword=exin+agile+scrum+foundation+workbook+pdf+download) and the remaining links to throw-away hosting (cdn.sqhk.co, s123-cdn-static.com, f-static.net, strikinglycdn.com, unnamed S3 buckets, free subdomain hosts) are consistent with the SEO-style "PDF download" lure pattern: the reader is promised a 'workbook' and sent on to a further download. No JavaScript or other active script was extracted, so the T1059.007 (JavaScript) mapping above is not supported by the static findings; T1566.001 (Spearphishing Attachment) is. The document's mechanism is social engineering through its links, not exploitation of the viewer.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9964

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. A reader that keeps the first definition and a reader that keeps the last will resolve different content, a parser-confusion shape used by targeted PDFs to show one thing to a scanner and another to the viewer. Body-only differences are also the normal result of a benign incremental update (a save that appends a changed object), so severity is raised only when the duplicate carries active content such as an action or script. In this sample the duplicate stayed at informational level.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URLs:
    • https://kuzutuzo.ru/award?keyword=exin+agile+scrum+foundation+workbook+pdf+download
    • https://static.s123-cdn-static.com/uploads/4380691/normal_5fe2e24339b1f.pdf
    • https://cdn.sqhk.co/xiroxozalal/icHaSii/the_sonic_dash_mod_apk_all_characters_unlocked.pdf
    • http://jubigale.scienceontheweb.net/best_self_help_books_for_finding_happiness.pdf
    • https://cdn-cms.f-static.net/uploads/4459035/normal_6031f6f3e68af.pdf
    • http://vikutoxe.iblogger.org/61827513401.pdf
    • https://cdn-cms.f-static.net/uploads/4480581/normal_601935b0da1ba.pdf
    • http://gixapedotamerow.mywebcommunity.org/61684456802.pdf
    • https://static.s123-cdn-static.com/uploads/4369153/normal_60006c815c374.pdf
    • http://nogurufegu.mygamesonline.org/20353860161.pdf
    • http://tevituvodejifep.mywebcommunity.org/aldehyde_ketone_carboxylic_acid.pdf
    • https://cdn.sqhk.co/gewewoturila/giOjiIA/female_mannequin_head_form_with_shoulder_bust.pdf
    • https://static.s123-cdn-static.com/uploads/4378157/normal_6000acab15604.pdf
    • https://cdn.sqhk.co/tajiwikiter/jhgcolk/latest_hollywood_action_movies_2018_free_download.pdf
    • https://cdn.sqhk.co/wimedizi/Wichhgj/mosogu.pdf
    • http://kadabafomelu.66ghz.com/2006_chrysler_sebring_service_manual.pdf
    • https://cdn.sqhk.co/pifixijowoka/cUjbagc/puzz_3d_disney_castle.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://s3.amazonaws.com/saziwijaxodav/39021787866.pdf
    • https://s3.amazonaws.com/wixatax/kemavevux.pdf
    • https://uploads.strikinglycdn.com/files/c77f114b-b330-4fa7-973f-f967662ff331/how_long_to_train_to_become_a_psychologist.pdf
    • https://s3.amazonaws.com/kefefetafij/59548139494.pdf
    • http://wajatapewob.rf.gd/premiere_pro_freezing_computer.pdf
    • https://uploads.strikinglycdn.com/files/ca879295-2cab-4343-9b7d-614996fab002/zabivu.pdf
    • http://tituxotal.epizy.com/aps_run_schedule.pdf
    • https://uploads.strikinglycdn.com/files/bbed744c-11ca-4a24-8f90-920cdcff8c3c/evenflo_platinum_car_seat_installation.pdf
    • https://s3.amazonaws.com/jepinebawo/sazowor.pdf
    • https://s3.amazonaws.com/vetamedisoz/35677801668.pdf
    • http://fawogalupa.epizy.com/wetavefugiz.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL
    Note: the last seven entries are XMP/RDF namespace URIs from the document metadata and the SIL Open Font License URL from an embedded font; the two www.ascendercorp.com entries are a font vendor's URLs of the kind carried in a font's name table. None of these is an indicator; the actionable URLs are the kuzutuzo.ru link and the file-hosting links above them.
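The two structural heuristics above (PDF_DUPLICATE_OBJ_BODY_INCREMENTAL and the PDF_URI/EMBEDDED_URL extraction) can be reproduced with a short scan of the raw object stream. The following is an added example written for this page, not the scanner's own code; it runs on two PDFs constructed inline with placeholder URLs (example.org, lure.example), one where an incremental update swaps a link action's /URI and one where the update only rotates a page. It resolves the object table both first-wins and last-wins and reports which /URI each policy yields, plus whether the duplicated object carries active content.

```python
"""Reproduce PDF_DUPLICATE_OBJ_BODY_INCREMENTAL and /URI extraction on constructed PDFs.

Added example, not the scanner's code. A PDF may redefine an indirect object in an
incremental update; a first-wins reader and a last-wins reader then resolve different
content, so a link can look benign to one parser and point at the lure to another.
"""
import re
from collections import defaultdict

# Constructed sample: the link action (object 5 0) is redefined in an incremental
# update with a different /URI. Both URLs are placeholders, not from the report.
LURE_SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R] >> endobj\n"
    b"4 0 obj << /Type /Annot /Subtype /Link /A 5 0 R >> endobj\n"
    b"5 0 obj << /S /URI /URI (https://example.org/benign) >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
    # incremental update: same object number and generation, different body
    b"5 0 obj << /S /URI /URI (https://lure.example/award?keyword=workbook+pdf+download) >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
)

# Constructed sample of the benign case: an incremental update that only rotates
# the page, so the duplicate carries no active content.
BENIGN_UPDATE_SAMPLE = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R /Rotate 90 >> endobj\n"
    b"trailer << /Root 1 0 R >>\n%%EOF\n"
)

OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.DOTALL)
URI_RE = re.compile(rb"/URI\s*\((.*?)(?<!\\)\)", re.DOTALL)
# Keys that make a duplicate worth escalating: action dictionaries and script hooks.
ACTIVE_RE = re.compile(rb"/S\s*/(URI|JavaScript|Launch|GoToR|SubmitForm)\b|/JS\b|/OpenAction\b|/AA\b")


def indirect_objects(data):
    """Yield (num, gen, body) for every `N G obj ... endobj` in file order.

    Deliberately ignores the xref tables: a crafted file may point its xref at
    either definition, and a raw scan sees both regardless.
    """
    for m in OBJ_RE.finditer(data):
        yield int(m.group(1)), int(m.group(2)), m.group(3).strip()


def duplicate_objects(data):
    """Return {(num, gen): [body, ...]} for objects defined more than once with differing bodies."""
    seen = defaultdict(list)
    for num, gen, body in indirect_objects(data):
        seen[(num, gen)].append(body)
    return {key: bodies for key, bodies in seen.items() if len(set(bodies)) > 1}


def resolve(data, policy):
    """Build the object table the way a first-wins or last-wins reader would."""
    table = {}
    for num, gen, body in indirect_objects(data):
        if policy == "first" and (num, gen) in table:
            continue
        table[(num, gen)] = body
    return table


def uri_actions(table):
    """Return the /URI targets of every /S /URI action dictionary in an object table."""
    uris = []
    for body in table.values():
        if re.search(rb"/S\s*/URI\b", body):
            uris.extend(u.decode("latin-1") for u in URI_RE.findall(body))
    return uris


def analyse(data):
    """Summarise duplicate definitions and the URLs each resolution policy yields."""
    dups = duplicate_objects(data)
    return {
        "duplicates": sorted(dups),
        "active_content_in_duplicate": any(
            ACTIVE_RE.search(body) for bodies in dups.values() for body in bodies
        ),
        "first_wins_uris": uri_actions(resolve(data, "first")),
        "last_wins_uris": uri_actions(resolve(data, "last")),
    }


if __name__ == "__main__":
    for name, sample in (("lure", LURE_SAMPLE), ("benign update", BENIGN_UPDATE_SAMPLE)):
        print(name, analyse(sample))
```

On the lure sample the two policies disagree on the link target, which is exactly the condition the heuristic escalates on; on the rotate-only sample the duplicate is reported but flagged as carrying no active content, matching the "informational" level this report assigned. Against a real file, run `analyse(open(path, "rb").read())`; objects inside compressed object streams (/ObjStm) are not visible to this raw scan and would need the streams inflated first.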

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename: font_00_sfnt_off00011563.bin
SHA-256: bca502a17f6d5d93c5e979024cfe3113c4256f8799a77a7d374ad619321e8d3a
Kind: pdf-font-stream
Source: PDF embedded font (sfnt) at offset 0x11563
Size: 5796 bytes

Filename: font_01_sfnt_off00012928.bin
SHA-256: c2c8016221aafc97c9b9dc9a39132640f580b0f50d6f5752c649011e403efee8
Kind: pdf-font-stream
Source: PDF embedded font (sfnt) at offset 0x12928
Size: 11120 bytes