MALICIOUS
74
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0009
Heuristics 4
-
Cracked-software lure uses download-gateway redirectors high PDF_CRACKED_SOFTWARE_REDIRECTOR_LINK_FARMPDF contains multiple cracked-software/keygen/serial-key lure links together with long encoded download-gateway URLs or known crack-download redirector hosts. This is stronger than generic piracy vocabulary: the document is an SEO lure that funnels users through redirect/download infrastructure commonly used for adware, unwanted software, or droppers.
-
PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LUREPDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://mydrugdir.com/requirement/verdes/seabed/?ZG93bmxvYWR8OUxyTVd0Mk5qZDhmREUyTmpJMk9EQXpPVEI4ZkRJMU9UQjhmQ2hOS1NCWGIzSmtjSEpsYzNNZ1cxaE5URkpRUXlCV01pQlFSRVpk=SEQgT25saW5lIFBsYXllciAoVGhlIEdoYXppIEF0dGFjayBtb3ZpZSBoaW5kaSBkdWJiZWQgKQSEQ&tandon PDF link annotation
- https://xenosystems.space/wp-content/uploads/2022/09/The_The_Patriot_dubbed_From_English_Full_Movie_Download_HOT_In_Hindi.pdfIn PDF document text
- https://www.gift4kids.org/wp-content/uploads/2022/09/Short_Circuit_Calculator_Free_Download.pdfIn PDF document text
- https://templobiblicoprovidence.org/hd-movies-1080p-dual-satyagraha/In PDF document text
- http://executivenavi.com/wp-content/uploads/2022/09/HD_Online_Player_Coco_English_Download_WORK_Moviesgolkes.pdfIn PDF document text
- http://www.rathisteelindustries.com/duy-bundle-63-native-au-vst-rtas-mas-windows/In PDF document text
- https://gamersmotion.com/justkaraoke-2-0-activation-code-patched/In PDF document text
- https://buycoffeemugs.com/ch9200-usb-ethernet-adapter-driver-upd-download/In PDF document text
- https://dwfind.org/repack-download-novel-dari-sujud-ke-sujud-pdf/In PDF document text
- http://bonnethotelsurabaya.com/?p=83971In PDF document text
- https://quicktoptens.com/wp-content/uploads/2022/09/Lucents_Complete_Mathematics_Pdf_VERIFIED_Download.pdfIn PDF document text
- https://sarahebott.org/h-gamesact-buchikome-high-kick-december-2015h-gamesact-buchikome-high-kick-december-2015/In PDF document text
- http://www.glasspro.pl/2022/09/13/mount-and-blade-warband-crack-1168-227-repack/In PDF document text
- https://brandyallen.com/wp-content/uploads/2022/09/Astrocomp_E_Kundli_2009_Crack_FULL.pdfIn PDF document text
- https://loskutbox.ru/wp-content/uploads/2022/09/HuongdanFREE_Crackstickynote90.pdfIn PDF document text
- https://www.beaches-lakesides.com/realestate/metodosytecnicasdeinvestigacionlourdesmunchpdf457/In PDF document text
- https://thecryptobee.com/protesis-fija-contemporanea-rosenstiel-pdf-download-hot/In PDF document text
- http://xn----7sbahcaua4bk0afb7c9e.xn--p1ai/adobe-photoshop-elements-6-0-keygen-new-download/In PDF document text
- https://mevoydecasa.es/snoop-dogg-doggystyle-full-album-zip-_verified_/In PDF document text
- https://vincyaviation.com/easy-mark-labeling-software-serial-number-__full__/In PDF document text
- https://bodhirajabs.com/wp-content/uploads/2022/09/burger_lounge_game_download.pdfIn PDF document text
- http://mydrugdir.com/requirement/verdes/seabed/?zg93bmxvywr8ouxytvd0mk5qzdhmreuytmpjmk9eqxppvei4zkrjmu9uqjhmq2hos1ncwgizsmtjsepsyznnz1cxae5urkpruxlcv01pqlfsrvpk=seqgt25saw5lifbsyxllciaovghliedoyxppief0dgfjaybtb3zpzsboaw5kasbkdwjizwqgkqseq&tandonIn PDF document text
- http://www.tcpdf.orgIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000013fd.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x13FD | 84508 bytes |
SHA-256: 2b7ba551bea82cc3307397981c1dbeb1b78486f95f2eb14e5e58d4e1b24edb0c |
|||
font_01_sfnt_off00009be9.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x9BE9 | 83036 bytes |
SHA-256: 6d13e73e85a502a13969f6a5eaecd0b275a0868c045f80b7d64ed55d70678261 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.