CLEAN
Risk Score: 6
Machine Learning
- Nyx PDF Classifier: clean, score 0.0006
Heuristics (3)
- TrueType bitmap font + active content — CVE-2023-26369 related (info, PDF_CVE_2023_26369_RELATED): PDF embeds a TrueType font with bitmap tables (EBDT/sbix/CBDT) alongside exploit delivery indicators — CVE-2023-26369 exploits the sfac_GetSbitBitmap function in Adobe's libCoolType for arbitrary code execution. This CVE was actively exploited in the wild, but this rule does not validate the malformed EBLC/EBDT primitive.
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
Extracted artifacts (3)
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_137_off00067a44.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x67A44 | 565084 bytes | 4340c9300d4fbf06d369e7b3fc991d2e34ee01919ffb2a506ef179774c06c1b1 |
| stream_138_off00096f6a.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x96F6A | 381388 bytes | f9e04c84195c785ccfb480be040172dd51d23e2e800577740b955b425a5a071e |
| stream_139_off000afdfb.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0xAFDFB | 403328 bytes | bd8ec4070042ffec43bb1bb7aef597bd65cac1fe970ddd44df814069dcd8496e |