Malicious PDF — malware analysis report

Static analysis result for SHA-256 ee6f64689c6f0698…

Verdict: MALICIOUS
File type: PDF
Size: 76.4 KB
Created: 2021-03-18 06:03:41 +02:00
Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7)
MD5: b00798f8d78a515f2f6f414773f8b179
SHA-1: eeae0ba5e2057731b6d64aa520d8fd49f1f51343
SHA-256: ee6f64689c6f06983650c68db36d8a59ea9f58f29123cf71992e450901c5ef1a
Risk Score: 96

Malware Insights

MITRE ATT&CK
  • T1566.001 Spearphishing Attachment
  • T1059.007 JavaScript

The file is a PDF that contains an embedded URL pointing to a suspicious domain, likely intended for phishing or malware distribution. The ML classifier and ClamAV detection strongly indicate malicious intent. The document body, though heavily obfuscated, appears to reference educational material, suggesting a lure to entice users to click the malicious link.

Machine Learning

  • Nyx PDF Classifier malicious score 0.9991

Heuristics (4)

  • ClamAV: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Pdf.Phishing.Trojan-d2568dad23a94d95-d2568dad23a94d95-10044375-0
  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    • https://jumiwimov.ru/strik?utm_term=mcgraw+hill+3rd+grade+math+pdf
    • http://sujimelowakolop.medianewsonline.com/chemical_reaction_curved_arrows.pdf
    • https://cdn.sqhk.co/fuzikago/Shaihjg/36803129202.pdf
    • https://cdn-cms.f-static.net/uploads/4485818/normal_6024b1723572f.pdf
    • https://cdn.sqhk.co/wagejino/fcjcRja/pick_me_up_cafe_clark_street.pdf
    • https://cdn-cms.f-static.net/uploads/4424347/normal_600aedb16e8b8.pdf
    • https://cdn-cms.f-static.net/uploads/4369516/normal_600ceeb498fdd.pdf
    • http://sabovibin.medianewsonline.com/33029044457.pdf
    • http://lazujifoxupa.getenjoyment.net/alpha_1_antitrypsin_deficiency_liver.pdf
    • https://cdn.sqhk.co/laxegipo/zibigtz/88951457688.pdf
    • http://vogolimipogusoz.mypressonline.com/nikon_d40x_battery_stuck.pdf
    • http://www.ascendercorp.com/
    • http://www.ascendercorp.com/typedesigners.html
    • https://631ffb88-cf2d-4844-8d6b-9338a1b21cc5.filesusr.com/ugd/d24e6f_bb0fb5cd437e4a83920b3e5a97afaa14.pdf?index=true
    • https://uploads.strikinglycdn.com/files/d4bbc3de-a77b-4197-81e2-ed97f50b8ec1/lidezirariwedolufag.pdf
    • https://uploads.strikinglycdn.com/files/c198c973-4833-4412-832f-cdd6b05a4cda/backbeat_fit_3150_vs_3200.pdf
    • https://s3.amazonaws.com/mokixetat/bozivug.pdf
    • https://s3.amazonaws.com/marimejerebo/gajugifamiputepi.pdf
    • https://efed9c07-4553-4484-a419-1b844d271aeb.filesusr.com/ugd/6f475a_00009bdc6df747ee8c91007038e92274.pdf?index=true
    • https://uploads.strikinglycdn.com/files/7c6460f2-44e7-4657-8118-f4b78daf36e4/pisodulipe.pdf
    • https://s3.amazonaws.com/tomamujuf/ralusom.pdf
    • https://uploads.strikinglycdn.com/files/b9c1749e-654b-4c2a-a4b8-a32297bc4aed/dumewadaxebedivodepu.pdf
    • https://6ddb26ad-aa8e-4a3e-a925-5cef6fc035e1.filesusr.com/ugd/d3d820_c68037fb49554a6c9d43ecfa19091b7e.pdf?index=true
    • https://uploads.strikinglycdn.com/files/8deb9062-5e16-45c7-b2c5-9c6c87521830/sunumumujukagog.pdf
    • https://e0eedba4-cf99-4c42-97f5-d3f9ae5832dd.filesusr.com/ugd/e36ea7_8285e198bf514261a489c82ca6edd7f8.pdf?index=true
    • https://s3.amazonaws.com/putelekireza/abcd_full_movie_malayalam.pdf
    • https://s3.amazonaws.com/tawovojo/benanitepake.pdf
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#
    • http://purl.org/dc/elements/1.1/
    • http://ns.adobe.com/pdf/1.3/
    • http://ns.adobe.com/xap/1.0/
    • http://ns.adobe.com/xap/1.0/mm/
    • http://ns.adobe.com/xap/1.0/rights/
    • http://scripts.sil.org/OFL

Extracted artifacts (2)

Files carved from inside the sample during analysis.

Filename                      | SHA-256                                                          | Kind            | Source                                    | Size
font_00_sfnt_off0000e9aa.bin  | b8c3d3a5dcbd1ebed062029940afcb3786e054068b8d2070ff6255ecfa82b929 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xE9AA | 5652 bytes
font_01_sfnt_off0000fce2.bin  | b200aceccfce626d82c87e479f4c8ba92c48c8c226c945cfdadbbd20afd3d4c3 | pdf-font-stream | PDF embedded font (sfnt) at offset 0xFCE2 | 11756 bytes