CLEAN
22
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0001
Heuristics 2
-
Clickable URI uses URL shortener medium PDF_URL_SHORTENER_URIPDF contains a clickable HTTP(S) action whose destination is a URL shortener. This hides the final landing page from static review and is common in phishing redirect PDFs.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://t.co/mnOMs1Yl7G In PDF document text
- https://t.co/dL72duPtgvIn PDF document text
Extracted artifacts 7
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
icc_00_off000000c3.icc |
pdf-icc-profile | PDF ICC profile at offset 0xC3 | 536 bytes |
SHA-256: d9f822e8083f2f4d1c91e887454be5f75e8c7144b2853408f361e3c4a7a6b36d |
|||
font_00_sfnt_off0001cae2.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x1CAE2 | 18424 bytes |
SHA-256: d25a2857f522ca94e72551212fbc4b5017bf2f5dd2f1ee44d658b03cdcd1ea38 |
|||
font_01_sfnt_off0002037b.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2037B | 47772 bytes |
SHA-256: affcec55ed1c05054c8735b1b28b449cce341f5c83604bdc853e1e01deb30897 |
|||
font_02_sfnt_off0002114e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2114E | 8532 bytes |
SHA-256: 4af1881a0d149eba3c0bcf43c86fd3026807141d7213535e1fde446d702a911a |
|||
font_03_sfnt_off0002256b.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2256B | 46296 bytes |
SHA-256: ffb89ecbf8fedf8101827513f0aef0637e03a1984b63b9a43c74c8651e5f8ca3 |
|||
font_04_sfnt_off00028eb3.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x28EB3 | 12104 bytes |
SHA-256: 883364879ae20622a8b3200a2459700638e5f0c62bda57e83de43d2f0488aba1 |
|||
font_05_sfnt_off0002aba0.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2ABA0 | 182388 bytes |
SHA-256: e04311bd1333413d0b4d4d7e974a6c79cd2d35c0c769b057a005106956f0fa6e |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.