Malicious PDF — malware analysis report

Static analysis result for SHA-256 e3636769a479451d…

MALICIOUS

PDF

Size: 101.2 KB
Created: 2021-04-08 20:13:54 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: 63f9477a86b6ee3ce13c0af3bac9cabe
SHA-1: db4e753a893aaf19bd96d9fb26caf8d006562746
SHA-256: e3636769a479451dbe08510646d8aafed479741d21fa45385d1bf7d45221d8d1
Risk Score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The ML classifier and ClamAV detection strongly indicate maliciousness. The PDF contains an embedded URL pointing to 'jacksth.ru', which is likely part of a phishing or malware distribution scheme. While no scripts were explicitly extracted, the PDF structure and embedded URLs are common in phishing lures.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9992

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2528dad23a95d95-d2528dad23a95d95-10044376-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://jacksth.ru/strik?utm_term=how+to+put+noise+cancelling+on+beats

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename / SHA-256 / Kind / Source / Size

  • font_00_sfnt_off00014cbe.bin
    SHA-256: 6fb5f3ec946c1715304309c1c17a596b9e5f2adbaaf422a8e8d956198559a96d
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0x14CBE
    Size: 5200 bytes
  • font_01_sfnt_off00015e95.bin
    SHA-256: 98d7bbce52b4ff54f55c58a870a65bf6aeac8d769bebba86e4bf07753f92759c
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0x15E95
    Size: 11488 bytes