Malicious PDF — malware analysis report

Static analysis result for SHA-256 c2eb75c0542c3df5…

Verdict: MALICIOUS
File type: PDF

Size: 312.1 KB
Created: 2022-05-17 13:45:27 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 5.11.3)
First seen: 2022-07-15

MD5: a01dcfca7a13ee9c5c9ce8af72713b40
SHA-1: b8ba422d9c58a7575965bc5f0b89e4b1f1e414f5
SHA-256: c2eb75c0542c3df5faa175bc3e2192897133ff446279d9935efe7428ab346a06

Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.002 Phishing: Spearphishing Link
  • T1059.001 Command and Scripting Interpreter: PowerShell
The static findings below consist of a phishing signature, an external URI action, a duplicate object body and extracted URLs; no JavaScript, launch-action or script-execution heuristic fired, so the T1059.001 mapping is not evidenced by anything on this page and should be treated as a generic association rather than an observed behaviour.

The PDF_URI heuristic and the extracted URLs indicate that this document is built to send the reader to an external site rather than to exploit the viewer: the only heuristics that fired are the ClamAV phishing signature, the external URI action, a duplicate object body from an incremental update and the URL extraction, and none of them involves script or launch content. The ClamAV detection and the ML classifier support the malicious verdict. The primary IOC is the target of the external URI action (see EMBEDDED_URL below). The wkhtmltopdf producer string and the utm_term query string on the first URL indicate an HTML page rendered to PDF, and most of the remaining URLs point at third-party upload directories (weebly uploads, ckfinder/userfiles, formcraft and super-forms file-upload paths), a hosting pattern consistent with SEO-spam PDF drops on abusable sites.

Machine Learning

  • Nyx PDF Classifier malicious score 0.6852

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. A first-wins reader and a last-wins reader (one that honours incremental updates) resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://lovig.co.za/XSRYdR1H?utm_term=death+of+a+salesman+pdf+citation+apa+citation+apa (label: URL)
    • https://lerogufoporix.weebly.com/uploads/1/3/4/8/134885840/5bd5a6.pdf
    • https://degetopej.weebly.com/uploads/1/3/4/7/134727915/lepofisenigu_bobona.pdf
    • https://asiahealthcaredentalcentre.com/ckfinder/userfiles/files/kebexepodusefuximize.pdf
    • http://artmetinc.com/wp-content/plugins/formcraft/file-upload/server/content/files/1621cc6c82755f---jipijoxepekufolezujopi.pdf
    • http://aardbeienfeesten.nl/uploadimages/files/79604133247.pdf
    • https://ashasuchikala.com/ckfinder/userfiles/files/5320398212.pdf
    • https://tuvepovuno.weebly.com/uploads/1/3/3/9/133997374/kunojovonogipe.pdf
    • http://unipell.com.br/wp-content/plugins/formcraft/file-upload/server/content/files/1626195b530294---dadifaxerujego.pdf
    • https://kizofupotumi.weebly.com/uploads/1/3/4/3/134314367/9146353.pdf
    • https://jabudotetita.weebly.com/uploads/1/4/1/4/141435846/512701.pdf
    • https://yam-token.com/business_school/uploads/file/gudowowijoj.pdf
    • http://akgdsgfly.pretty-match.com/upload/files/buxojudev.pdf
    • http://sparan-art.ru/ckfinder/userfiles/files/wipuxotosoxekonovidiwor.pdf
    • https://ailani.org/wp-content/plugins/super-forms/uploads/php/files/8b66ac1f482103aa46799b74ee500df2/60590246354.pdf
    • https://mubazujozij.weebly.com/uploads/1/3/4/7/134705676/6492417.pdf
    • http://boletin.alicantehosteleria.com/lib/ckfinder/userfiles/files/doperen.pdf
    • http://elcastillotucentrotextil.com/imagenes/contenido/files/73017461429.pdf
    • https://www.food-equipment-store.com/fckeditor/uploads/file/54530735575.pdf
    • http://www.schule.havonix.com/ckfinder/userfiles/files/72902150610.pdf
    • http://iscelenie.info/files/file/40404143589.pdf
    • http://vibestedu.com/_UploadFile/Images/file/11779026117.pdf
    • https://risimapi.weebly.com/uploads/1/3/4/3/134321435/5494705.pdf
    • https://sodumixiseto.weebly.com/uploads/1/3/4/3/134311801/supaxu.pdf
    • https://komanibinepo.weebly.com/uploads/1/3/4/5/134588578/71c0daaad48c8d8.pdf
    • https://forevegil.weebly.com/uploads/1/4/1/4/141413148/bcd59e.pdf
    • http://image.dlib.vn/libedu/news/thuvienquangngai/20220408/file/67439646843.pdf
    • https://nikovazof.weebly.com/uploads/1/3/2/6/132682709/cb62618b6.pdf
    • http://wskinbody.com/data/boardData/files/56848662304.pdf
    • http://ozdoby-betonowe21.pl/Upload/file/46186688684.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://dejavu.sourceforge.net
    • http://dejavu.sourceforge.net/wiki/index.php/License
    The last eight entries are XMP namespace identifiers (RDF, Dublin Core and the Adobe PDF/XMP schemas) and the DejaVu font project's home and license URLs carried in the embedded fonts' metadata. They are schema names and attribution strings, not navigation targets, and should not be treated as IOCs.
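
The two PDF-structure heuristics above (PDF_URI and PDF_DUPLICATE_OBJ_BODY_INCREMENTAL) are easy to reproduce on raw bytes, and doing so shows why a duplicate object matters. The following script is an added example written for this page, not the scanner's own code: it indexes every `N G obj ... endobj` definition, reports keys that are defined more than once with different bodies, resolves each such key both first-wins and last-wins, and escalates severity only when one of the bodies carries active content. The list of "active" keys (`/URI`, `/JS`, `/JavaScript`, `/Launch`, `/OpenAction`, `/AA`, `/SubmitForm`, `/GoToR`) is this example's assumption, not the scanner's list, and the inline sample PDF with its two placeholder URLs is constructed for the demonstration, not carved from the analysed file.

```python
import re
from collections import defaultdict

# Constructed sample, not the analysed file: object "4 0" (a link annotation) is
# defined in the original body and again in an incremental update with a
# different /URI target. Both URLs are placeholders.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj
<< /Type /Catalog /Pages 2 0 R >>
endobj
2 0 obj
<< /Type /Pages /Kids [3 0 R] /Count 1 >>
endobj
3 0 obj
<< /Type /Page /Parent 2 0 R /Annots [4 0 R] >>
endobj
4 0 obj
<< /Type /Annot /Subtype /Link /Rect [0 0 100 20]
   /A << /S /URI /URI (https://example.test/benign) >> >>
endobj
trailer
<< /Root 1 0 R >>
%%EOF
4 0 obj
<< /Type /Annot /Subtype /Link /Rect [0 0 100 20]
   /A << /S /URI /URI (https://example.test/redirect) >> >>
endobj
trailer
<< /Root 1 0 R /Prev 9 >>
%%EOF
"""

# "N G obj ... endobj" indirect object definitions, in file order.
OBJ_RE = re.compile(rb"(?s)\b(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj\b")
# /URI (literal string) inside an action dictionary.
URI_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")
# Keys treated as "active content" in this example (an assumption, not the
# scanner's own list): anything that navigates, runs script or launches.
ACTIVE_RE = re.compile(rb"/(URI|JS|JavaScript|Launch|OpenAction|AA|SubmitForm|GoToR)\b")


def index_objects(data: bytes) -> dict:
    """Map (num, gen) -> every body defined for it, first definition first.

    A real reader keeps one body per key; keeping all of them is what lets
    us see a duplicate at all.
    """
    objs = defaultdict(list)
    for m in OBJ_RE.finditer(data):
        objs[(int(m.group(1)), int(m.group(2)))].append(m.group(3).strip())
    return dict(objs)


def duplicate_objects(objs: dict) -> dict:
    """Keys defined more than once with byte-different bodies."""
    return {k: v for k, v in objs.items() if len(set(v)) > 1}


def resolve(objs: dict, key: tuple, policy: str) -> bytes:
    """What a first-wins reader or a last-wins (incremental-update aware) reader sees."""
    bodies = objs[key]
    return bodies[0] if policy == "first-wins" else bodies[-1]


def uri_actions(body: bytes) -> list:
    """All /URI action targets found in one object body."""
    return [u.decode("latin-1") for u in URI_RE.findall(body)]


def analyse(data: bytes) -> dict:
    """Reproduce PDF_URI and PDF_DUPLICATE_OBJ_BODY_INCREMENTAL on raw bytes."""
    objs = index_objects(data)
    findings = []
    for key, bodies in duplicate_objects(objs).items():
        first = resolve(objs, key, "first-wins")
        last = resolve(objs, key, "last-wins")
        # Severity is raised only when a duplicate carries active content,
        # since body-only differences are common in benign incremental saves.
        active = bool(ACTIVE_RE.search(first) or ACTIVE_RE.search(last))
        findings.append({
            "object": key,
            "definitions": len(bodies),
            "severity": "high" if active else "info",
            "first_wins_uris": uri_actions(first),
            "last_wins_uris": uri_actions(last),
        })
    all_uris = sorted({u for bodies in objs.values() for b in bodies for u in uri_actions(b)})
    return {"duplicates": findings, "uris": all_uris}


if __name__ == "__main__":
    result = analyse(SAMPLE_PDF)
    for f in result["duplicates"]:
        print(f"object {f['object'][0]} {f['object'][1]} defined {f['definitions']}x, "
              f"severity {f['severity']}: first-wins -> {f['first_wins_uris']}, "
              f"last-wins -> {f['last_wins_uris']}")
    print("all /URI targets:", result["uris"])
```

Run against the constructed sample, the script reports object 4 0 defined twice with a first-wins target of the benign URL and a last-wins target of the redirect URL, which is exactly the disagreement between readers that the heuristic description warns about. On a real file, run it before trusting any single parser's view of the link annotations, and compare its URI list with the EMBEDDED_URL output.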

Extracted artifacts (3)

Files carved from inside the sample during analysis. All three are embedded sfnt font programs (the DejaVu URLs in the extracted-URL list come from their metadata), not executable payloads.

Filename / SHA-256 / Kind / Source / Size

font_00_sfnt_off00047263.bin
  SHA-256: e4730f2b7466a4503ab179c9d550fa001a03db446e4a11b0c3a0a4953533ec10
  Kind:    pdf-font-stream
  Source:  PDF embedded font (sfnt) at offset 0x47263
  Size:    17588 bytes

font_01_sfnt_off00049ffc.bin
  SHA-256: 9d2294e344127da9ddc2b77d68b1576b6b78373885bc9da2859f180a98f2c1e1
  Kind:    pdf-font-stream
  Source:  PDF embedded font (sfnt) at offset 0x49FFC
  Size:    16792 bytes

font_02_sfnt_off0004b813.bin
  SHA-256: 3d0903291cd73e24315392a0b72badae508663675e673c7a24d29bc1b52bd04e
  Kind:    pdf-font-stream
  Source:  PDF embedded font (sfnt) at offset 0x4B813
  Size:    10784 bytes