PDF static analysis report

Static analysis result for SHA-256 5ca06e44a947a949…

CLEAN

PDF

19.8 KB Created: 2021-09-15 22:04:48 -07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-23
MD5: de91367caf058ca57859d38cee2e35a1 SHA-1: 49f2691ebc169d8299c144511d965df791db12d5 SHA-256: 5ca06e44a947a9494f0848594ff8b5ab2e76f860fc0154c839229a3362a83056
4 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0099

Heuristics 2

  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://secure.ramsdenlawyerscase.xyz?e=ashish.shah@bccap.com PDF link annotation
    • https://www.microsoft.com/en-US/servicesagreement/In PDF document text
    • https://privacy.microsoft.com/en-US/privacystatementIn PDF document text

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
font_00_sfnt_off00001fd6.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x1FD6 6300 bytes
SHA-256: 5e2b6b4fe3042de37dcbbda651701ebbaa0da43ce971dad9adbc2f26f77784a8
font_01_sfnt_off00003667.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x3667 4520 bytes
SHA-256: 33330e699342ee2ea107ae4997cf45f8ff58290fa8a66ad72289bb65e67cabb2
font_02_sfnt_off00004538.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x4538 1716 bytes
SHA-256: 1dc064438ecd34dcc695072ad1584e2c77ab6ff1343f88fd6fd25fd100274bda