Malicious PDF — malware analysis report

Static analysis result for SHA-256 2b64e7403b979746…

MALICIOUS

PDF

135.0 KB Created: 2022-09-12 22:26:11 +00:00 Authoring application: mersaf (via PDF Master 1.0.1) First seen: 2026-06-17
MD5: c41521416188230f1fc26efe732094bd SHA-1: e478c3c7a97f2706c581861ffbe320151a956f4d SHA-256: 2b64e7403b979746864698db44e9c78b4e8522cef1f962e905a6cc3fe36bacda
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0008

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://findthisall.com/adjenda/ZG93bmxvYWR8NUdoTVdacWEyeDhmREUyTmpJMk9EQXpPVEI4ZkRJMU9UQjhmQ2hOS1NCWGIzSmtjSEpsYzNNZ1cxaE5URkpRUXlCV01pQlFSRVpk/?hellmuth/a2V5Z2VuIG11c2ljIG1ha2VyIDE2IHJldmlldwa2V/composure.cabinetmaker PDF link annotation
    • https://floridachiropracticreport.com/advert/gonit-ebong-aro-gonit-pdf-23/In PDF document text
    • https://restor8tivehr.com/wp-content/uploads/2022/09/VIP2_Lalkar_Hd_720p_1080p_Movies_Free_Download_NEW.pdfIn PDF document text
    • https://globaltechla.com/descargar-torrent-alimenta-tus-pedaladas-hot/In PDF document text
    • https://alafdaljo.com/alien-vs-predator-2010-pc-patch-crack-portable/In PDF document text
    • http://powervapes.net/ultraiso-premium-edition-v9-3-1-2633-multilingual-incl-serial-serial-key-repack/In PDF document text
    • https://wedesigngreen.com/education/tekla-structures-21-sr1-64-bit-crack-firstuploads-serial-key-updated-keygenIn PDF document text
    • https://toserba-muslim.com/wp-content/uploads/2022/09/kerio_control_web_filter_license_crack.pdfIn PDF document text
    • https://learnpace.com/jumong-tagalog-episodes-free-download-full-version-torrentl-hot/In PDF document text
    • http://pepsistars.com/talib-kweli-quality-full-install-album-zip-3/In PDF document text
    • https://xn--80aagyardii6h.xn--p1ai/tinymodel-princess-31-89-complete-sets-rar-top-129311-127996/In PDF document text
    • https://isaiah58boxes.com/2022/09/12/lenovo-ideapad-310-usb-driver-windows-7-install/In PDF document text
    • https://www.holidays-bulgaria.com/wp-content/uploads/2022/09/clave_de_activacion_del_office_suite_7bfdcm_exclusive.pdfIn PDF document text
    • https://www.hhlacademy.com/advert/syswin-64-bit-omron-work/In PDF document text
    • https://www.cdnapolicity.it/wp-content/uploads/2022/09/BlazBlue_Cross_Tag_Battle_Free_LINK_Download_PC_Game.pdfIn PDF document text
    • http://pixology.in/wp-content/uploads/2022/09/Nanban_Bluray_1080p_Movie_Free_319.pdfIn PDF document text
    • https://pmeceu.com/wp-content/uploads/2022/09/Shivasutraintamilpdf224_Fixed-1.pdfIn PDF document text
    • http://leasevoordeel.be/wp-content/uploads/2022/09/georay-2.pdfIn PDF document text
    • https://dashiofficial.com/wp-content/uploads/2022/09/freedownloadflstudio8cracktorrent.pdfIn PDF document text
    • https://viabestbuy.co/wp-content/uploads/2022/09/lesorie.pdfIn PDF document text
    • https://factspt.org/wp-content/uploads/2022/09/splintercelldoubleagentdownloadfullversion.pdfIn PDF document text
    • https://restor8tivehr.com/wp-In PDF document text
    • https://wedesigngreen.com/education/tekla-structures-21-sr1-64-bit-crack-firstuploads-serial-key-updated-In PDF document text
    • https://www.holidays-bulgaria.com/wp-In PDF document text
    • https://www.cdnapolicity.it/wp-In PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.