MALICIOUS
74
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0006
Heuristics 4
-
Cracked-software lure uses download-gateway redirectors high PDF_CRACKED_SOFTWARE_REDIRECTOR_LINK_FARMPDF contains multiple cracked-software/keygen/serial-key lure links together with long encoded download-gateway URLs or known crack-download redirector hosts. This is stronger than generic piracy vocabulary: the document is an SEO lure that funnels users through redirect/download infrastructure commonly used for adware, unwanted software, or droppers.
-
PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LUREPDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://blogbasters.com/absconded/concrete/bernd.QXV0b0Jvb2ttYXJrIFBsdWctaW4gZm9yIEFkb2JlIEFjcm9iYXQgcHJlLWFjdGl2YXRlZAQXV?/marketing/plummeting/sextoytesters/thar.ZG93bmxvYWR8dXQzTVRSaU5HbDhmREUyTlRnd01EWTJPVGw4ZkRJMU9UQjhmQ2hOS1NCWGIzSmtjSEpsYzNNZ1cxaE5URkpRUXlCV01pQlFSRVpk PDF link annotation
- https://www.voyavel.it/the-origin-of-rice-myth-nabaloi-version-rapidshare/In PDF document text
- https://polyglothealth.com/wp-content/uploads/Program_Carti_De_Vizita_Free_Download.pdfIn PDF document text
- http://karnalketo.com/pronest822withcrackdownload-2021/In PDF document text
- http://lotem-jewelry.com/?p=48271In PDF document text
- https://fotofables.com/alice-and-simone-swallow-live-fish-and-micerar/In PDF document text
- https://ayusya.in/hager-planungssoftware-elcom-5-1-hawking-soundtracks/In PDF document text
- http://www.ndvadvisers.com/paypal-money-hacker-v2-8-july-2013-rar/In PDF document text
- https://mediquestnext.com/wp-content/uploads/2022/07/valbunn-1.pdfIn PDF document text
- https://brutalrecords.com/wp-content/uploads/2022/07/birdharb.pdfIn PDF document text
- http://www.giffa.ru/who/alpha-blondy-jah-victory-full-album-zip-fixed/In PDF document text
- https://www.crypto-places-directory.com/wp-content/uploads/2022/07/geofpel.pdfIn PDF document text
- https://betrayalstories.com/lectra-kaledo-style-v1r1c11-cracked-install/In PDF document text
- http://yorunoteiou.com/?p=575746In PDF document text
- https://speedhunters.al/wp-content/uploads/2022/07/Download_EXCLUSIVE_Dhoom_2_Torrent.pdfIn PDF document text
- https://thoitranghalo.com/2022/07/18/hd-online-player-dobaara-see-your-evil-kannada-movi-__link__/In PDF document text
- http://www.male-blog.com/2022/07/18/style-works-xt-universal-crack-hot/In PDF document text
- https://www.theblender.it/kontakt-6-v7-8-1-unlocked-crack-link/In PDF document text
- http://xn----7sbahcaua4bk0afb7c9e.xn--p1ai/opinioni-di-un-clown-pdf-13/In PDF document text
- https://www.gifmao.com/wp-content/uploads/2022/07/janvan.pdfIn PDF document text
- http://spacebott.com/?p=12762In PDF document text
- http://blogbasters.com/absconded/concrete/bernd.qxv0b0jvb2ttyxjrifbsdwctaw4gzm9yiefkb2jliefjcm9iyxqgchjllwfjdgl2yxrlzaqxv?/marketing/plummeting/sextoytesters/thar.zg93bmxvywr8dxqztvrsau5hbdhmreuytlrnd01ewtjpvgw4zkrjmu9uqjhmq2hos1ncwgizsmtjsepsyznnz1cxae5urkpruxlcv01pqlfsrvpkIn PDF document text
- http://www.tcpdf.orgIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000298e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x298E | 84508 bytes |
SHA-256: 2b7ba551bea82cc3307397981c1dbeb1b78486f95f2eb14e5e58d4e1b24edb0c |
|||
font_01_sfnt_off0000b17a.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB17A | 83036 bytes |
SHA-256: 6d13e73e85a502a13969f6a5eaecd0b275a0868c045f80b7d64ed55d70678261 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.