Malicious PDF — malware analysis report

Static analysis result for SHA-256 e58544e0fe5f80f1…

MALICIOUS

PDF

Size: 73.2 KB
Created: 2021-06-06 03:39:12 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: cae40964429a20182499775a0d94ba4c
SHA-1: 502f63608b7421b5a1015c130da494b3e93e079e
SHA-256: e58544e0fe5f80f1b01ed77f06e24df9f80c7ecce2ad8d9d585c3f936582320a
Risk Score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

This PDF file was flagged as malicious by a machine learning classifier and ClamAV, indicating a high likelihood of malicious intent. It contains an embedded URL that leads to a suspicious domain, likely intended to trick the user into downloading a payload or visiting a phishing site. The document body, though heavily obfuscated, suggests a lure related to sheet music.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9993

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (object number N, generation G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://garglob.ru/pbw?utm_term=here+comes+the+sun+sheet+music+piano
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • http://lakebimutep.pbworks.com/w/file/fetch/144414372/cellular_respiration_experiment_with_yeast_and_methylene_blue_lab_report_introduction.pdf
    • https://uploads.strikinglycdn.com/files/2a805b3d-ff1e-4cc7-8b66-36151fb566ff/21194408432.pdf
    • https://uploads.strikinglycdn.com/files/fae3cf23-dc7f-4c7d-801b-795fe6768be2/ti_84_calculator_games_super_mario.pdf
    • https://uploads.strikinglycdn.com/files/0899ff72-49c8-40af-b9d6-76e261263da3/how_to_view_word_document_side_by_side.pdf
    • https://uploads.strikinglycdn.com/files/28f7eac0-633f-4516-8795-86d61bf0f477/rezipulowanubera.pdf
    • http://letonepamusi.pbworks.com/w/file/fetch/144453972/how_long_to_use_chicco_infant_insert.pdf
    • https://uploads.strikinglycdn.com/files/2cf5d43b-856e-4eaa-8445-a3b6268902ef/list_of_subordinating_conjunctions_for_complex_sentences.pdf
    • https://uploads.strikinglycdn.com/files/43a26cc6-9611-4bc5-b51f-501f240fe347/kaxevekemobizoxuzepu.pdf
    • https://uploads.strikinglycdn.com/files/ff74ca5b-0303-4c39-9c29-f23123512bd9/amazon_fire_hd_7_4th_generation_root.pdf
    • https://uploads.strikinglycdn.com/files/28800c2c-1534-40ac-a1dd-6fe3c7f85cb1/how_to_set_the_clock_on_a_sunbeam_microwave.pdf
    • https://uploads.strikinglycdn.com/files/4eb2a78b-eaf8-4dc5-819e-cf3181ded897/python_programming_book_bangla_free_download.pdf
    • http://tasonupopam.pbworks.com/w/file/fetch/144597669/kaviwuzasiwexigowokiwosa.pdf
    • http://laxaxufudej.pbworks.com/f/jebuw.pdf
    • http://mapijakemifo.pbworks.com/w/file/fetch/144467526/how_to_restore_mxq_box_to_factory_settings.pdf
    • https://uploads.strikinglycdn.com/files/2bf74ca0-3dc0-42ac-999b-eb8cfa44bedf/lakiwukevexoxi.pdf
    • http://luwivaj.pbworks.com/w/file/fetch/144508242/fadidaxoletu.pdf
    • https://uploads.strikinglycdn.com/files/343c0c2a-5f28-46f3-8793-7c361067a764/70715843123.pdf
    • https://uploads.strikinglycdn.com/files/48afc3ba-b6e7-4e0d-9570-148796f788cb/facts_of_a_green_tree_frog.pdf
    • https://uploads.strikinglycdn.com/files/61792419-85d9-462f-aae0-8297e65a3d5f/asus_m4a89gtd_pro_usb3_compatible_graphics_card.pdf
    • http://mudowomuxexo.pbworks.com/w/file/fetch/144422592/am_pm_ka_full_form_kya_hoga.pdf
    • https://uploads.strikinglycdn.com/files/1ca0fb0f-fb5b-4d41-a216-c7ec8b55ddb6/is_wolf_gas_range_worth_it.pdf
    • http://xobapotowi.pbworks.com/f/how_to_set_ventilator_modes.pdf
    • https://uploads.strikinglycdn.com/files/89d936bc-74ee-472e-a96e-52dd819046c0/chartered_financial_analyst_jobs_in_south_africa.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL

Extracted artifacts (2)

Files carved from inside the sample during analysis.

  • Filename: font_00_sfnt_off0000e4b1.bin
    SHA-256: c982d954ce745f2ebfbbf23e9d78e1ae317fc6736eb531f9ac523398549a1002
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xE4B1
    Size: 5100 bytes
  • Filename: font_01_sfnt_off0000f5d9.bin
    SHA-256: 8561cf1761d890a7a4c8328f0bb399c2f9f07e8e8ff3c1b470b66b0e226826a1
    Kind: pdf-font-stream
    Source: PDF embedded font (sfnt) at offset 0xF5D9
    Size: 9820 bytes