Malicious PDF — malware analysis report

Static analysis result for SHA-256 ec52c55e2829a2ac…

Verdict: MALICIOUS
File type: PDF
Size: 76.0 KB
Created: 2021-05-21 10:52:40 +03:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
First seen: 2021-09-25
MD5: ec8b053e09a5c136cc1fecace449b656
SHA-1: 195061423f1cdb5f612f2c84179ecc27b5df2e86
SHA-256: ec52c55e2829a2ac3dfd7d2a31a89dde89d52744854752d01b09bce39a79d699
Risk score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

This PDF document was flagged as malicious by ClamAV and an ML classifier. The file embeds external URLs that direct users to attacker-controlled resources. Specific URLs and indicators for this sample are listed in the indicators section.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9999

Heuristics (4)

  • ClamAV detection (critical, CLAMAV_DETECTION)
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI (info, PDF_URI)
    PDF contains an external URL action
  • Object number defined twice with different bodies (info, PDF_DUPLICATE_OBJ_BODY_INCREMENTAL)
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL (info, EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://xajibur.ru/strik?utm_term=why+is+my+dryer+not+drying+properly (PDF link annotation)

Extracted artifacts (2)

Files carved from inside the sample during analysis.

font_00_sfnt_off0000ec9f.bin
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xEC9F
  Size: 5276 bytes
  SHA-256: 0f109f82918378072273c8f69a1fad3ede40afc6e242c1ba602f09842dc3f052

font_01_sfnt_off0000fe7c.bin
  Kind: pdf-font-stream
  Source: PDF embedded font (sfnt) at offset 0xFE7C
  Size: 10916 bytes
  SHA-256: 9d7ebff157ffa19463af0173c835511168e2032758abb58ab74df24097f884ae