PDF static analysis report

Static analysis result for SHA-256 45e3b8ab968f7644…

SUSPICIOUS

PDF

127.4 KB Created: 2022-07-05 17:52:58 +00:00 Authoring application: harode (via PDF Master 1.0.1) First seen: 2022-07-15
MD5: acd758f910afab8d9e819417e2245720 SHA-1: f471253064ee94854aae43eb62d0858c611f55b6 SHA-256: 45e3b8ab968f7644bfadc3c30d54d1489f59b963afa363f8c310d55212c366f3
34 Risk Score

Malware Insights

MITRE ATT&CK
T1566.002 Spearphishing Attachment T1204.002 Malicious File

The PDF document contains multiple embedded URLs that advertise cracked software, specifically mentioning FIFA 22. One heuristic indicates a 'PDF link farm advertises cracked/pirated software'. The primary attack pattern involves luring users to these external sites, likely to download malicious files disguised as software cracks or keygens. No scripts were extracted from this sample.

Machine Learning

  • Nyx PDF Classifier clean score 0.0174

Heuristics 3

  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://sitesworlds.com/RmlmYSAyMgRml/ZG93bmxvYWR8ZGoyTTJ4c1lueDhNVFkxTnpBek5qSXlNM3g4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA/paddling.habitant/prioritising.swamped PDF link annotation
    • http://wasshygiene.com/?p=6927In PDF document text
    • https://aposhop-online.de/2022/07/05/fifa-22-serial-number-and-product-key-crack-free-download-march-2022/In PDF document text
    • https://www.raven-guard.info/fifa-22-keygen-mac-win/In PDF document text
    • https://dogrywka.pl/fifa-22-keygen-crack-setup/In PDF document text
    • https://www.raven-guard.info/fifa-22-key-generator-torrent-pc-windows-latest/In PDF document text
    • https://jimmyvermeulen.be/wp-content/uploads/2022/07/delelis.pdfIn PDF document text
    • https://www.henniker.org/sites/g/files/vyhlif5391/f/uploads/7_henniker_helps.pdfIn PDF document text
    • https://ocurme.com/fifa-22-full-license-license-code-keygen-free-download-mac-win-latest-2022/In PDF document text
    • http://knowthycountry.com/?p=7490In PDF document text
    • https://amazeme.pl/wp-content/uploads/2022/07/Fifa_22-9.pdfIn PDF document text
    • https://ideaboz.com/2022/07/06/fifa-22-universal-keygen-download/In PDF document text
    • https://h-stop.com/wp-content/uploads/2022/07/Fifa_22-5.pdfIn PDF document text
    • https://azecm.ru/wp-content/uploads/2022/07/fifa_22-4.pdfIn PDF document text
    • https://www.oakland-nj.org/sites/g/files/vyhlif1026/f/uploads/borough_calendar_2022.pdfIn PDF document text
    • https://biodashofficial.com/fifa-22-install-crack-free-for-windows/In PDF document text
    • https://www.northcastleny.com/sites/g/files/vyhlif3581/f/uploads/north_castle_records_list_by_department.pdfIn PDF document text
    • https://elektrobest.de/wp-content/uploads/2022/07/Fifa_22-9.pdfIn PDF document text
    • https://mykingdomtoken.com/upload/files/2022/07/jP9bURHbrClBUKboKuu3_05_d4f08843bbd240de4ab5b4f9984b1f6e_file.pdfIn PDF document text
    • https://topnotchjobboard.com/system/files/webform/resume/fifa-22_189.pdfIn PDF document text
    • https://emealjobs.nttdata.com/it/system/files/webform/amatiley957.pdfIn PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text