Malicious PDF — malware analysis report

Static analysis result for SHA-256 2b6f288a93bd535b…

MALICIOUS

PDF

126.9 KB Created: 2022-07-08 07:28:20 +00:00 Authoring application: aleiadir (via PDF Master 1.0.1) First seen: 2026-06-17
MD5: 8b851a69dd5da5f650ee15b8dd189989 SHA-1: 2933657e6c95a596114827dba85f2c155d6d19b1 SHA-256: 2b6f288a93bd535b4789c1a4593447d76c8f7509280afc1362e1039fd54e8cf4
64 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0098

Heuristics 3

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://esecuritys.com/UmVhbHRlayBSdGw4MTM5IDYxMTEgV2luNyBaaXAUmV/asam/ZG93bmxvYWR8RmUzYW5nNU5YeDhNVFkxTnpFNE5qazFOWHg4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/justifiably/alphabetically/rang/rollershutterdoors&shunted= PDF link annotation
    • https://lll.dlxyjf.com/upload/files/2022/07/YVKsuyHOLIbg8snCIrPd_08_a50e815772102cfce5b42838e8da7fbe_file.pdfIn PDF document text
    • https://expressionpersonelle.com/ross-tech-usb-library-version-03-01-19-extra-quality/In PDF document text
    • http://ourwebsitetest.es/?p=4800In PDF document text
    • https://mandarinrecruitment.com/system/files/webform/valyago69.pdfIn PDF document text
    • https://social.urgclub.com/upload/files/2022/07/NZhjiatQih2CCSijX7nd_08_a50e815772102cfce5b42838e8da7fbe_file.pdfIn PDF document text
    • http://dichvuhoicuoi.com/?p=33617In PDF document text
    • http://www.skyhave.com/upload/files/2022/07/myorsn1sgpn35MrfDsM3_08_a50e815772102cfce5b42838e8da7fbe_file.pdfIn PDF document text
    • https://nbdsaudi.com/wp-content/uploads/2022/07/Aayirathil_Oruvan_Parthiban_Intro_Hd_1080p_TOP.pdfIn PDF document text
    • http://networks786.ovh/upload/files/2022/07/U77EBeYbkEW5h3Yn8NUM_08_a50e815772102cfce5b42838e8da7fbe_file.pdfIn PDF document text
    • https://vesinhnhatrang.com/2022/07/08/resident-evil-6-v1-0-plus-9-trainer-fling-update-link/In PDF document text
    • http://www.lairdrandf.com/sites/rf/files/2021-03/ApplicationIn PDF document text
    • http://www.danielecagnazzo.com/?p=34470In PDF document text
    • http://chatroom.thabigscreen.com:82/upload/files/2022/07/UiD24JEa486RgfJfZMYw_08_d6c36f39a9989c38351ee5997152f9bf_file.pdfIn PDF document text
    • https://www.rjramjhajharnews.com/wp-content/uploads/2022/07/tempmyka.pdfIn PDF document text
    • https://www.north-reading.k12.ma.us/sites/g/files/vyhlif1001/f/uploads/sc_2021-22_final_goals.pdfIn PDF document text
    • https://earthoceanandairtravel.com/2022/07/08/autocad2008forwindows732bitfree-topdownload/In PDF document text
    • https://mykingdomtoken.com/upload/files/2022/07/1ryfVMW9INgn1XGgpXOX_08_a50e815772102cfce5b42838e8da7fbe_file.pdfIn PDF document text
    • https://over-the-blues.com/advert/r-u-s-e-mega-trainer-1-0-0-1-01-03-2011/In PDF document text
    • https://gecm.es/wp-content/uploads/2022/07/Vrayforrevitcrack66_BEST.pdfIn PDF document text
    • https://lll.dlxyjf.com/upload/files/2022/07/YVKsuyHOLIbg8snCIrPd_08_a50e8In PDF document text
    • https://expressionpersonelle.com/ross-tech-usb-library-In PDF document text
    • https://social.urgclub.com/upload/files/2022/07/NZhjiatQih2CCSijX7nd_08_aIn PDF document text
    • http://www.skyhave.com/upload/files/2022/07/myorsn1sgpn35MrfDsM3_08_In PDF document text
    • https://nbdsaudi.com/wp-content/uploads/2022/07/Aayirathil_Oruvan_ParthiIn PDF document text
    • http://networks786.ovh/upload/files/2022/07/U77EBeYbkEW5h3Yn8NUM_08_In PDF document text
    • https://vesinhnhatrang.com/2022/07/08/resident-evil-6-v1-0-plus-9-trainer-In PDF document text
    • http://chatroom.thabigscreen.com:82/upload/files/2022/07/UiD24JEa486RgfJIn PDF document text
    • https://www.rjramjhajharnews.com/wp-In PDF document text
    • https://www.north-reading.k12.ma.us/sites/g/files/vyhlif1001/f/uploads/sc_20In PDF document text
    • https://earthoceanandairtravel.com/2022/07/08/autocad2008forwindows732In PDF document text
    • https://mykingdomtoken.com/upload/files/2022/07/1ryfVMW9INgn1XGgpXOIn PDF document text
    • https://wakelet.com/wake/QT_8ORp6ijBu_fKZHus_MIn PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text