Malicious PDF — malware analysis report

Static analysis result for SHA-256 45ded33bc3431cd1…

MALICIOUS

PDF

114.1 KB
Created: 2022-07-18 01:03:38 +00:00
Authoring application: nesbolly (via PDF Master 1.0.1)
First seen: 2026-06-28
MD5: 006ff8d8826938df5a10dee124504965
SHA-1: 7028f26c250c6104ecb175b0590b84ee146bba1e
SHA-256: 45ded33bc3431cd1928ab71b483fafc9b269f632fe7f4beb0022bff063090d1c
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0014

Heuristics 4

  • Small PDF contains mass external PDF link farm | critical | PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software | medium | PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI | info | PDF_URI
    PDF contains an external URL action
  • Embedded URL | info | EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

Extracted artifacts 2

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
font_00_sfnt_off00001b8a.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x1B8A | 84508 bytes
  SHA-256: 2b7ba551bea82cc3307397981c1dbeb1b78486f95f2eb14e5e58d4e1b24edb0c
font_01_sfnt_off0000a376.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xA376 | 83036 bytes
  SHA-256: 6d13e73e85a502a13969f6a5eaecd0b275a0868c045f80b7d64ed55d70678261