CLEAN
4
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0001
Heuristics 2
-
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.gust.org.pl In PDF document text
- http://www.gust.org.pl/fonts/licenses/GUST-FONT-LICENSE.txtIn PDF document text
- http://tug.org/fonts/licenses/GUST-FONT-LICENSE.txtIn PDF document text
Extracted artifacts 18
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_020_off0001f570.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x1F570 | 14922 bytes |
SHA-256: c87c34d382b3fe1742c0095fd7a2983053a63693a80e149a0292341a2965fcf4 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.94, consistent with packed or encrypted content.
|
|||
stream_025_off00034ecc.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x34ECC | 2594 bytes |
SHA-256: e7d14d31cfa8d9544f17b825c1e861114b64eb05e703a347d239a4ee208e5022 |
|||
stream_026_off000357ba.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x357BA | 2589 bytes |
SHA-256: 7e5b9b11d211385c1b51561486f606ce00e2cc1b15d27c0359128d6135c95ebb |
|||
stream_027_off000360ad.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x360AD | 2563 bytes |
SHA-256: 6bb33f469c0913b48c3072f9848ad4e4b957dadd7c8fd87bb7d3083a3961fe19 |
|||
stream_028_off00036983.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x36983 | 2872 bytes |
SHA-256: ea4c300e36b66fc6780e7591c3538c4b6376a1e59fbe055f9180432b60a28894 |
|||
stream_029_off00037398.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x37398 | 23011 bytes |
SHA-256: 8eed82b9ec3091a60d9cd268d35f64c1594e894e752ef8cfd0850659b3a3fc8e |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.95, consistent with packed or encrypted content.
|
|||
font_00_type1_off0000a9bf.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0xA9BF | 4112 bytes |
SHA-256: 0bd5c0920f8776dba54fe78f225d674631e591ab158ad076e91742f869f9eafe |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.44, consistent with packed or encrypted content.
|
|||
font_01_type1_off0000b8c1.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0xB8C1 | 2453 bytes |
SHA-256: 80bea6a1c335c0c8b71c6c60f2104e1e6058992a4fea8cd19efdcd1dae0ad1ee |
|||
font_02_type1_off0000c129.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0xC129 | 32535 bytes |
SHA-256: 9767c18230d0b05238a8333c9548729b9e9e9108806a86d385ca277211bc0bdf |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.96, consistent with packed or encrypted content.
|
|||
font_03_type1_off00013e12.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x13E12 | 23591 bytes |
SHA-256: 4d04000c3db8d6ba43e4a96c23246efeaa9dda353d233c2d2d754a7d8800c90f |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.96, consistent with packed or encrypted content.
|
|||
font_04_type1_off000198fd.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x198FD | 23993 bytes |
SHA-256: b9273d4ebd79ccd504d6eeb960355f3ac4c014337a366c5580288ac8fa994e06 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.96, consistent with packed or encrypted content.
|
|||
font_06_type1_off00022f0c.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x22F0C | 21925 bytes |
SHA-256: a85186c0924a2e735f653fc3b86df59aa0656ef9802fc23785bc584615630fc1 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.96, consistent with packed or encrypted content.
|
|||
font_07_type1_off000283cf.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x283CF | 24001 bytes |
SHA-256: 37d42f82470bcb79e44466f00dbdd765f7c2fa62502d41caf9645bf9cf289b3a |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.96, consistent with packed or encrypted content.
|
|||
font_08_type1_off0002e060.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x2E060 | 13145 bytes |
SHA-256: 3074def11a93f26babd3dd559e0c29d906c8068c012df2259dcc76b6f57546f6 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.92, consistent with packed or encrypted content.
|
|||
font_09_type1_off000312d8.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x312D8 | 15637 bytes |
SHA-256: 88b39051b19f064a6a847817c165281d974156e940c33e9c6fe09a16360ccd05 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.93, consistent with packed or encrypted content.
|
|||
font_15_type1_off0003cc1e.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x3CC1E | 15285 bytes |
SHA-256: 0044b0099656e7d4bd979ec19b81f0578470634fd215e4a2f01c5165cec9826b |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.93, consistent with packed or encrypted content.
|
|||
font_16_type1_off000406de.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x406DE | 19437 bytes |
SHA-256: 79d44cb21f9b3bf79b2db2dd8b4b17f5a660ed620609ffb5d601cdc9d0df355b |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.95, consistent with packed or encrypted content.
|
|||
font_17_type1_off000451bc.bin |
pdf-font-stream | PDF embedded font (type1) at offset 0x451BC | 27071 bytes |
SHA-256: a1677fbdf42d41d16ad7bfeb9072141bd2d5280d072080ef7e8a3e95c8415e98 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.95, consistent with packed or encrypted content.
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.