PDF static analysis report

Static analysis result for SHA-256 4244a4ac28999bdd…

CLEAN

PDF

399.6 KB Authoring application: Skia/PDF m150 Google Docs Renderer First seen: 2026-05-26
MD5: 10ad57c5fcaeb334e1ed1e9a3aa13887 SHA-1: 5a2d5e51067d8dd8fc3e8342fad2c8965bc4180b SHA-256: 4244a4ac28999bdd676e504949340dd6377450d54f8f8730d9e5747387be9668
22 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0001

Heuristics 2

  • Clickable URI uses URL shortener medium PDF_URL_SHORTENER_URI
    PDF contains a clickable HTTP(S) action whose destination is a URL shortener. This hides the final landing page from static review and is common in phishing redirect PDFs.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://t.co/dL72duPtgv In PDF document text

Extracted artifacts 4

Files carved from inside the sample during analysis.

FilenameKindSourceSize
icc_00_off000000c7.icc pdf-icc-profile PDF ICC profile at offset 0xC7 536 bytes
SHA-256: d9f822e8083f2f4d1c91e887454be5f75e8c7144b2853408f361e3c4a7a6b36d
font_00_sfnt_off0005521f.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x5521F 143648 bytes
SHA-256: 07cff730383eca2bf28a854cd2c9232fa593f564d441cfdfb53fdbdedd3dd158
font_01_sfnt_off0005d558.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x5D558 47092 bytes
SHA-256: ac7b0ac0b06c0d53f5d6b21d0786a12dfa6324697b2f68a6e5986d6191f87893
font_02_sfnt_off00060fa2.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x60FA2 12104 bytes
SHA-256: 883364879ae20622a8b3200a2459700638e5f0c62bda57e83de43d2f0488aba1