MALICIOUS
134
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0019
Heuristics 5
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Cracked-software lure uses download-gateway redirectors high PDF_CRACKED_SOFTWARE_REDIRECTOR_LINK_FARMPDF contains multiple cracked-software/keygen/serial-key lure links together with long encoded download-gateway URLs or known crack-download redirector hosts. This is stronger than generic piracy vocabulary: the document is an SEO lure that funnels users through redirect/download infrastructure commonly used for adware, unwanted software, or droppers.
-
PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LUREPDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://evacdir.com/foolishness.imal?ZG93bmxvYWR8NHNLY1d0amNYeDhNVFkxTkRrNE9URTJNbng4TWpVNU1IeDhLRTBwSUZkdmNtUndjbVZ6Y3lCYldFMU1VbEJESUZZeUlGQkVSbDA=RGFwaG5lIEFuZCBJcmluYSBQcmV0ZWVuIFZpZGVvRGF=ight=tokenism=apologizes PDF link annotation
- http://www.vidriositalia.cl/?p=12617In PDF document text
- http://rt2a.org/wp-content/uploads/2022/06/jusull.pdfIn PDF document text
- https://botkyrkaboxning.se/wp-content/uploads/2022/06/Bit_Ly_W7keystxt_2021.pdfIn PDF document text
- https://shopuskart.com/wp-content/uploads/2022/06/Shema_Elektro_Instalacije_Za_Imt_539l.pdfIn PDF document text
- https://thecryptobee.com/wp-content/uploads/2022/06/fieciar.pdfIn PDF document text
- https://psychomotorsports.com/snowmobiles/17290-movavi-video-converter-12-3-clave-de-activacion-gratis-upd/In PDF document text
- http://ims-tein.com/wp-content/uploads/2022/06/walbar.pdfIn PDF document text
- https://omidsoltani.ir/232053/poto-bugil-andrea-dian.htmlIn PDF document text
- https://www.anastasia.sk/savita-bhabhi-episode-51-kickass-14-pdf/In PDF document text
- https://ciying.info/utorrent-pro-3-5-5-build-45231-upd-crack-with-latest-version-2019-download-2/In PDF document text
- https://www.aveke.fr/wp-content/uploads/2022/06/Windows_7_Evolution_Sp1_64bit_Torrent.pdfIn PDF document text
- https://baseheadinc.com/wp-content/uploads/2022/06/Jolly_Phonics_Pupil_Book_3_Download_REPACK.pdfIn PDF document text
- https://voltigieren-bb.de/advert/patched-camel-audio-cameleon-5000-vsti-v1-2-paradox-rar-best/In PDF document text
- https://zannza.com/wp-content/uploads/2022/06/All_Activation_Windows_7810_v105_Office_Activator_rar.pdfIn PDF document text
- https://mevoydecasa.es/crack-keyframe-animation-sketchup-updated/In PDF document text
- https://allthingsblingmiami.com/?p=35992In PDF document text
- http://turismoaccesiblepr.org/?p=4293In PDF document text
- https://luvmarv.com/wp-content/uploads/2022/06/Flight1_Atr_72_500_Fsx_Crack_HOT.pdfIn PDF document text
- https://pascanastudio.com/wp-content/uploads/2022/06/Tetra_4D_3d_Pdf_Converter_35_Crackrar101.pdfIn PDF document text
- https://astrofiz.ro/wp-content/uploads/2022/06/download_traducao_sniper_elite_3.pdfIn PDF document text
- http://evacdir.com/foolishness.imal?zg93bmxvywr8nhnly1d0amnyedhnvfkxtkrrne9urtjnbng4twpvnu1iedhlrtbwsuzkdmntundjbvz6y3lcyldfmu1vbejesuzzeulgqkvsbda=rgfwag5liefuzcbjcmluysbqcmv0zwvuifzpzgvvrgf=ight=tokenism=apologizesIn PDF document text
- http://www.tcpdf.orgIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off0000132c.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x132C | 120140 bytes |
SHA-256: a217f12862e0ff75203bdd4136ca0d68471050be46bb09aed5306898926ffdd4 |
|||
font_01_sfnt_off0000c10f.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC10F | 76772 bytes |
SHA-256: 07ce6fea3c98bf59133021be55ce9147f9c26365efe580a2a4f82130ca697f54 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.