PDF static analysis report

Static analysis result for SHA-256 088c5bc024e66a47…

SUSPICIOUS

PDF

Size: 113.4 KB
Created: 2022-07-07 23:11:42 +00:00
Authoring application: bastcail (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: e2d25483581fb5966ed2803c48fdfe00
SHA-1: 0b6de6870074c0222deb5d349d793baab7a9a955
SHA-256: 088c5bc024e66a479a031748fe947c5ce316459e93cf1812354b9017130d84b3
Risk Score: 34

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

Heuristics indicate that the PDF document advertises cracked software and includes external URIs pointing to such content. The primary lure appears to be the promotion of cracked software, with specific links provided for download. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier: clean score 0.0187

Heuristics (3)

  • PDF link farm advertises cracked/pirated software (severity: medium, ID: PDF_CRACKED_SOFTWARE_LURE)
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI (severity: info, ID: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, ID: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.