PDF static analysis report

Static analysis result for SHA-256 27d7ddfd2140817e…

SUSPICIOUS

PDF

247.5 KB Created: 2022-07-08 03:56:46 +00:00 Authoring application: ignahath (via PDF Master 1.0.1) First seen: 2022-07-15
MD5: dd5177a6a201aba4f414db476f8eae20 SHA-1: 9f67c599b585827504d0494f24470e633e3437b3 SHA-256: 27d7ddfd2140817e07afcdd9f941b1393ab76480f873bbf4c8f6f52e4310907f
34 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious Link

The PDF document contains multiple links that advertise cracked and pirated software, indicating a lure to potentially malicious download sites. One of the external URIs points to 'blogbasters.com', which is likely part of the distribution infrastructure for such content. The document body itself is heavily obfuscated and does not provide direct clues to its intent.

Machine Learning

  • Nyx PDF Classifier clean score 0.0067

Heuristics 3

  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://blogbasters.com/ZG93bmxvYWR8UGs5WlhVek1YeDhNVFkxTnpFNE5qazFOWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA?bioforce=&holograph=welding&incidence=YmF6YXJhYSBqYXJ2aXMgcHJvZ3JhbWFjaW9uIGxpbmVhbCBmbHVqbyAyMAYmF&buffy=ntdetect PDF link annotation
    • https://rajasthantilecontractors.com/wp-content/uploads/2022/07/friyes.pdfIn PDF document text
    • https://www.tucarroycasa.com/wp-content/uploads/2022/07/Bleher_Discus_Pdf.pdfIn PDF document text
    • http://www.jbdsnet.com/?p=19821In PDF document text
    • https://giovanimaestri.com/2022/07/08/terjemahan-kitab-minhajul-muslim-pdf-downloadl-verified/In PDF document text
    • https://battlefinity.com/upload/files/2022/07/aqHSGYpjsDmMOSNhUWct_08_596e31f5a11310c0abdf145e22930d82_file.pdfIn PDF document text
    • https://prayersonline.org/wp-content/uploads/2022/07/kirnoe.pdfIn PDF document text
    • https://ngatiporou.com/system/files/webform/HD-Online-Player-Dexter-8-Temporada-Download-720p.pdfIn PDF document text
    • https://fesalabs.com/coreldraw-graphics-suite-x8-keygen-only-xforce-rar-hot/In PDF document text
    • https://coolbreezebeverages.com/nokia-c1-01-unlocker-v1-0https-scoutmails-com-index301-php-k-nokia-c1-01-unlocker-v1-0/In PDF document text
    • https://oceanofcourses.com/watch-online-hindi-movie-main-hoon-na-on-91/In PDF document text
    • https://www.golfmotion.com.au/sites/default/files/webform/reimmaur805.pdfIn PDF document text
    • https://arabamericanbusinesscommunity.org/wp-content/uploads/2022/07/Full_Service_Game_Download_BETTER.pdfIn PDF document text
    • https://lighthousehealing.org/3design-cad-7-patched-crack18/In PDF document text
    • https://www.cameraitacina.com/en/system/files/webform/feedback/autodata-338-romana.pdfIn PDF document text
    • https://vivalafocaccia.com/wp-content/uploads/2022/07/othrai.pdfIn PDF document text
    • https://descargatelo.net/utilidades/meteorologia/nitro-pdf-professional-v6-2-0-44-x86x642021-keygen/In PDF document text
    • https://maltymart.com/advert/codigo-de-activacion-de-labeljoy/In PDF document text
    • https://www.inscapecenter.org/?p=9652In PDF document text
    • https://battlefinity.com/upload/files/2022/07/aqHSGYpjsDmMOSNhUWct_08_596e31f5a11310c0abdf145e22930d82_file.pdIn PDF document text
    • https://coolbreezebeverages.com/nokia-c1-01-unlocker-v1-0https-scoutmails-com-index301-php-k-nokia-c1-01-unlocker-In PDF document text
    • https://trello.com/c/OOCgT3XO/47-kamal-garg-auditing-book-free-download-linkIn PDF document text
    • https://trello.com/c/tCUoMmC4/185-cubase-5-full-download-rar-topIn PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text