Malicious PDF — malware analysis report

Heuristics 4

• ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
  ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
• External URI info PDF_URI
  PDF contains an external URL action
• Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
  The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://xezojetit.ru/strik?utm_term=how+to+use+tc+helicon+harmony+singer+2 PDF link annotation

  • https://cdn.sqhk.co/nawafoxobok/gfjhejg/28465404853.pdfIn PDF document text
  • http://xagugudel.sportsontheweb.net/mixigok.pdfIn PDF document text
  • https://cdn.sqhk.co/vizejagojib/hjhgOhb/46117621376.pdfIn PDF document text
  • https://cdn.sqhk.co/rurizibaxami/didoiii/digital_marketing_2020_danny_star.pdfIn PDF document text
  • https://cdn.sqhk.co/xaselavub/ghgqAju/kawefiropovujejid.pdfIn PDF document text
  • http://lightsex.ru/nuvegakapapovalesinimm1g3z.pdfIn PDF document text
  • http://krepezh.guru/marquis_de_sades_justine_1977_ok.ruu8izg.pdfIn PDF document text
  • https://cdn.sqhk.co/medipevagopu/N9Kijgc/turboprop_flight_simulator_3d_apk.pdfIn PDF document text
  • https://cdn.sqhk.co/gidulikegel/vfhhJ8t/beyblade_coloring_pages.pdfIn PDF document text
  • https://cdn.sqhk.co/filomada/gicvhda/77586399856.pdfIn PDF document text
  • https://cdn.sqhk.co/wazafanez/hbbheCO/zombie_invasion_minecraft_map.pdfIn PDF document text
  • https://cdn.sqhk.co/vefoveted/FThjjfP/chaos_road_combat_racing_apk.pdfIn PDF document text
  • http://kipegujodup.getenjoyment.net/applied_linguistics_branches.pdfIn PDF document text
  • https://cdn.sqhk.co/karopepagu/Ije9ifg/bmx_balance_bike_racing.pdfIn PDF document text
  • https://cdn.sqhk.co/wudawagirus/ihGhggf/69496385323.pdfIn PDF document text
  • https://cdn.sqhk.co/worijekegir/iicjcpH/video_call_baat_karne_wala_apps.pdfIn PDF document text
  • https://cdn.sqhk.co/bodavadu/djahiib/online_life_simulation_games_unblocked.pdfIn PDF document text
  • http://www.ascendercorp.com/In PDF document text
  • http://www.ascendercorp.com/typedesigners.htmlIn PDF document text
  • https://uploads.strikinglycdn.com/files/f943a2d3-5096-4241-9031-63333e59f527/13810045756.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/48add32f-fcbd-42e5-b2b5-01037e275f96/65115520170.pdfIn PDF document text
  • http://wonanikapudidak.atwebpages.com/apicomplexan_life_cycle.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/865bc9ff-5be7-463c-9277-64d01441c739/what_is_acceptance_commitment_therapy.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/2efd5b4b-41fc-4b1d-b458-b9a8d82f488c/samsung_dishwasher_dw80f600uts_manual.pdfIn PDF document text
  • https://uploads.strikinglycdn.com/files/84687a8c-6eee-44f1-a747-47a3679cb228/sallys_baking_addiction_pizza_crust.pdfIn PDF document text
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
  • http://purl.org/dc/elements/1.1/In PDF document text
  • http://ns.adobe.com/pdf/1.3/In PDF document text
  • http://ns.adobe.com/xap/1.0/In PDF document text
  • http://ns.adobe.com/xap/1.0/mm/In PDF document text
  • http://ns.adobe.com/xap/1.0/rights/In PDF document text
  • http://scripts.sil.org/OFLIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.