Malicious PDF — malware analysis report

Static analysis result for SHA-256 cbf0e507147c2778…

Verdict: MALICIOUS
File type: PDF
Size: 78.8 KB
Created: 2021-03-21 12:35:22 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: 6898a7c52a5d7961784795e90e290339
SHA-1: 6de3d62b20fb3bd7fbe612fbe62e5e5cc1ecac13
SHA-256: cbf0e507147c2778bad847160407d629790fb489c3fbcd5d0cf3431c2bae9d6d
Risk Score: 96

Malware Insights

MITRE ATT&CK

  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The PDF file contains an embedded URL that redirects to a suspicious domain, suggesting a phishing or malware distribution attempt. Heuristic analysis and ClamAV detection confirm its malicious nature, specifically flagging it as a phishing trojan. The presence of an external URI and the ML classifier's high confidence score indicate a deliberate attempt to compromise the user.

Machine Learning

  • Nyx PDF Classifier: malicious score 0.9994

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 (severity: critical, tag: CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • External URI (severity: info, tag: PDF_URI)
    PDF contains an external URL action
  • Object number defined twice with different bodies (severity: info, tag: PDF_DUPLICATE_OBJ_BODY_INCREMENTAL)
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL (severity: info, tag: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URLs:
    • https://pelibifir.ru/123?utm_term=broken+english+song+free
    • https://cdn-cms.f-static.net/uploads/4447251/normal_6056840d98d53.pdf
    • https://static.s123-cdn-static.com/uploads/4380545/normal_6007edb82e203.pdf
    • http://trastenmyqort.online/917888055587kiac.pdf
    • https://cdn-cms.f-static.net/uploads/4412380/normal_604a40d7f01b8.pdf
    • http://trokot-newshop.online/92018338445ig5ua.pdf
    • http://jobware.pro/fivedumitobojokemudizame8qihb.pdf
    • http://topplafond.xyz/mifebuxi20i5s.pdf
    • https://static.s123-cdn-static.com/uploads/4404757/normal_600750c213143.pdf
    • http://idealicaitaly.site/english_grammar_lessons_advancedw2ixk.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://uploads.strikinglycdn.com/files/f38f8732-f535-4a83-b984-b23280ba427d/jasakijujogemarumaweduv.pdf
    • https://uploads.strikinglycdn.com/files/066ffbeb-aed5-40cd-b6ee-c94bf5377e57/tabupirun.pdf
    • https://uploads.strikinglycdn.com/files/c4f04f9f-c7ec-4e1e-bfc5-ea17177f25b0/voxunizifejid.pdf
    • https://uploads.strikinglycdn.com/files/72d9fe98-4c01-4981-8a63-d3f99b634f41/metric_conversion_worksheet_grade_5.pdf
    • https://uploads.strikinglycdn.com/files/41d2a13b-38a0-41f5-83c7-5777cc79404a/they_say_i_say_with_readings_wake_technical_community_college_edition._4th_ed._w.w._norton_2020.pdf
    • http://fuzuwami.epizy.com/11100538568.pdf
    • https://uploads.strikinglycdn.com/files/30e978b7-003a-4c9f-b5e9-921c6ce43ef8/hanuman_chalisa_kannada_song_download.pdf
    • http://sobilekob.epizy.com/fiitjee_admission_test_sample_papers_for_class_12_pass.pdf
    • https://uploads.strikinglycdn.com/files/772fce7b-dd21-4819-9b20-4aa5d57da128/exerpeutic_900xl_300_lbs._weight_capacity_recumbent.pdf
    • https://uploads.strikinglycdn.com/files/d964b69e-1f2d-45ef-94f0-49d6834340a9/botekizonekibewixazo.pdf
    • https://uploads.strikinglycdn.com/files/7b69f8dd-bffe-4150-891f-f795a5fb3a31/how_to_fix_a_charger_that_wont_charge.pdf
    • http://xuwizigev.rf.gd/fitter_cutting_tools.pdf
    • http://rapaxaj.rf.gd/picture_frame_templates_to_print.pdf
    • https://uploads.strikinglycdn.com/files/d0a4fae9-1f9a-46aa-ac88-b77bc845dd68/75946801633.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename                        Kind             Source                                       Size
font_00_sfnt_off0000f75e.bin    pdf-font-stream  PDF embedded font (sfnt) at offset 0xF75E    4932 bytes
  SHA-256: 2aedaf3d43c7a4fd3d2ab1fa3124257171758286fc8bf92b2178a58a641bb346
font_01_sfnt_off0001082e.bin    pdf-font-stream  PDF embedded font (sfnt) at offset 0x1082E   11032 bytes
  SHA-256: 6dbe4a1171860a941dfcc912f15fa9c3f685447f521836622ccd0007d93818f3