CLEAN
20
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0001
Heuristics 1
-
Callback phishing phone lure medium SE_CALLBACK_LUREDocument asks the user to call a phone number in billing, refund, subscription, fraud, or security context — consistent with callback phishing or tech-support scam patterns. Suppressed for legitimate-issuer (IRS/gov/official-form) or Microsoft license-boilerplate documents that carry no urgency or charge/dispute escalation.
Extracted artifacts 7
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_016_off0002afda.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x2AFDA | 149172 bytes |
SHA-256: e3051dbca08829ac03325da0b3ac66d05742fcec13cbe5125d818459a9289aa3 |
|||
font_00_sfnt_off0002612d.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2612D | 31740 bytes |
SHA-256: c0292c0580d4e2c64b0ec812ff0ed1a121a84479767e74e3747cd76f8f3ac133 |
|||
font_02_sfnt_off00034ec9.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x34EC9 | 10772 bytes |
SHA-256: a38386d235cb8fde479c073bbabeeb44e7f5c480001fd3def913e27b42b7ec0a |
|||
font_03_sfnt_off00036a84.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x36A84 | 220792 bytes |
SHA-256: 86846322da3d79bdb423de239457a9b02e4d1bbe3e8acfda1cbe6d14251f31e3 |
|||
font_04_sfnt_off00037cf2.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x37CF2 | 45396 bytes |
SHA-256: a62c5c603d082b5d89472c572b7272477f62322c5fadd0736381b36cf0feef49 |
|||
font_05_sfnt_off00038a95.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x38A95 | 47796 bytes |
SHA-256: e63a51dfd52b6a8c3166c59ef4814eb245c5181b09637107ec97ab4eb48e1cf5 |
|||
font_06_sfnt_off0003c3c0.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3C3C0 | 6096 bytes |
SHA-256: 03c02e05377f87b7ffcfeecda6ee9d693b22f57d196f7e92f5eec09b0c4d8096 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.