PDF static analysis report

Static analysis result for SHA-256 0d86c0db13b77fb9…

SUSPICIOUS

PDF

152.3 KB Created: 2022-07-05 02:54:00 +00:00 Authoring application: hekelij (via PDF Master 1.0.1) First seen: 2022-07-15
MD5: cacad26b2b24dd2f6c9cc5691a23ad20 SHA-1: 88e3193c300ca9025b7f0a7a4a76fed528401987 SHA-256: 0d86c0db13b77fb94e3a64bd9560cf2a91294aba6c58f3a53cd68ca771c69760
34 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment

The PDF document contains multiple embedded URLs that advertise cracked software, specifically Adobe Photoshop. One of the heuristic firings indicates a 'PDF_CRACKED_SOFTWARE_LURE' with 6 links found. The primary malicious URL identified is http://dawnloadonline.com/, which likely serves as a download or redirection point for malicious payloads. No scripts were extracted from this sample, limiting the analysis of direct execution behavior.

Machine Learning

  • Nyx PDF Classifier clean score 0.0046

Heuristics 3

  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://dawnloadonline.com/ZG93bmxvYWR8ajJ5TTI1MU1IeDhNVFkxTmprNE1UVXdOSHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/birthstone/QWRvYmUgUGhvdG9zaG9wIDIwMjEgKFZlcnNpb24gMjIuMC4xKQQWR/bulldoze/garnishees=arrogant=malnutrition=indefectible=noia PDF link annotation
    • https://p2p-tv.com/adobe-photoshop-2021-version-22-3-1-license-key-full-3264bit-129311/In PDF document text
    • https://citoga.com/wp-content/uploads/2022/07/Photoshop_With_License_Code_Free_Download_2022.pdfIn PDF document text
    • https://poweredblack.com/wp-content/uploads/2022/07/Photoshop_2022_Version_231-1.pdfIn PDF document text
    • http://www.renexus.org/network/upload/files/2022/07/y1BHzi1OBgrclT5UCw7w_05_62847f0e9be146681bac087e5e8999d4_file.pdfIn PDF document text
    • https://plans4creativewoodworking.com/photoshop-2021-version-22-3-install-crack-torrent-win-mac/In PDF document text
    • https://www.neteduproject.org/wp-content/uploads/chahart.pdfIn PDF document text
    • https://thebrothers.cl/wp-content/uploads/2022/07/Adobe_Photoshop_2021_Version_2241.pdfIn PDF document text
    • http://solaceforwomen.com/?p=42951In PDF document text
    • https://cycloneispinmop.com/adobe-photoshop-cc-2018-crack-full-version-free-pc-windows-latest/In PDF document text
    • https://www.cameraitacina.com/en/system/files/webform/feedback/ellcol683.pdfIn PDF document text
    • https://aalcovid19.org/photoshop-cc-2018-download-mac-win-final-2022/In PDF document text
    • http://www.pickrecruit.com/adobe-photoshop-2021-version-22-3-mem-patch-incl-product-key-free-download-latest-2022/In PDF document text
    • http://fricknoldguys.com/photoshop-2022-version-23-4-1-crack-with-serial-number-activation-code-with-keygen-download-for-windows-april-2022/In PDF document text
    • https://www.kekogram.com/upload/files/2022/07/QfEltyRyCAYovpbj9sp4_05_6b590633de406ca124c7653cfa6a4acf_file.pdfIn PDF document text
    • https://yourtripboy.com/adobe-photoshop-cc-2015-version-18-free-download-mac-win/In PDF document text
    • http://aqaratalpha.com/?p=33876In PDF document text
    • https://energy-varna.bg/sites/default/files/webform/krislevo249.pdfIn PDF document text
    • https://dragalacoaching1.com/wp-content/uploads/2022/07/Photoshop_CC_2015.pdfIn PDF document text
    • https://www.belmont-ma.gov/sites/g/files/vyhlif6831/f/uploads/covid_19_safety_tips.pdfIn PDF document text
    • https://www.sertani.com/upload/files/2022/07/dzeFjJMJmCQTdlOFlRmM_05_6b590633de406ca124c7653cfa6a4acf_file.pdfIn PDF document text
    • https://ameppa.org/2022/07/05/photoshop-2022-version-23-0-2-keygen-generator-lifetime-activation-code-download-win-mac/In PDF document text
    • https://thebakersavenue.com/wp-content/uploads/2022/07/Photoshop_2021_Version_2241-1.pdfIn PDF document text
    • https://www.scet-tunisie.com/sites/default/files/webform/condidature_offre/_sid_/Photoshop-2022-Version-230_0.pdfIn PDF document text
    • https://www.foodaly.it/wp-content/uploads/2022/07/chryavr.pdfIn PDF document text
    • https://www.verenigingvalouwe.nl/advert/adobe-photoshop-2020-version-21-install-crack-download/In PDF document text
    • https://citoga.com/wp-In PDF document text
    • http://www.renexus.org/network/upload/files/2022/07/y1BHzi1OBgrclT5UCw7w_05_62847f0e9be146In PDF document text
    • http://www.pickrecruit.com/adobe-photoshop-2021-version-22-3-mem-patch-incl-product-key-free-In PDF document text
    • http://fricknoldguys.com/photoshop-2022-version-23-4-1-crack-with-serial-number-activation-code-In PDF document text
    • https://www.kekogram.com/upload/files/2022/07/QfEltyRyCAYovpbj9sp4_05_6b590633de406ca124cIn PDF document text
    • https://www.sertani.com/upload/files/2022/07/dzeFjJMJmCQTdlOFlRmM_05_6b590633de406ca124c76In PDF document text
    • https://ameppa.org/2022/07/05/photoshop-2022-version-23-0-2-keygen-generator-lifetime-activation-In PDF document text
    • https://www.scet-In PDF document text
    • http://carsuhand.yolasite.com/resources/Photoshop-CC-2015-Crack--Activation-Code--Free.pdfIn PDF document text
    • https://www.cakeresume.com/portfolios/adobe-photoshop-cs4-crack-32-64bit-latest-20In PDF document text
    • http://todebus.yolasite.com/resources/Adobe-Photoshop-CC-2018-Product-Key-Full-Download-For-Windows-Latest2022.pdfIn PDF document text
    • https://secureservercdn.net/198.71.233.44/7hj.be5.myftpupload.com/wp-content/uploads/2022/07/Photoshop_CC.pdf?time=1656986951In PDF document text
    • https://www.unh.edu/ecenter/system/files/webform/2022/07/chalwami514.pdfIn PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://todebus.yolasite.com/resources/Adobe-Photoshop-CC-2018-Product-Key-Full-Download-For-In PDF document text
    • https://secureservercdn.net/198.71.233.44/7hj.be5.myftpupload.com/wp-In PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    +2 more URL(s)