Malicious PDF — malware analysis report

Static analysis result for SHA-256 5d8fed00f3c37502…

MALICIOUS

PDF

116.3 KB Created: 2022-09-13 01:58:22 +00:00 Authoring application: honbey (via PDF Master 1.0.1) First seen: 2026-06-18
MD5: f9f8197b98e1b0f1f02aa85eca20ef6c SHA-1: 6c0bf86d7612ceb6d5d6a6658b8bffac18785dc6 SHA-256: 5d8fed00f3c37502999e547e3353a774763be607fec61ec2c6752f8dc8006840
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0013

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://siteslocate.com/doppler/flamboyant/guzzled/hartwig.a3JyaXNoIDMgZnVsbCBtb3ZpZSA3MjBwIGhkIDE5a3J.scrimped.heifers/ZG93bmxvYWR8U0s0TVdocWVXMThmREUyTmpJMk9EQXpPVEI4ZkRJMU9UQjhmQ2hOS1NCWGIzSmtjSEpsYzNNZ1cxaE5URkpRUXlCV01pQlFSRVpk PDF link annotation
    • http://ballyhouracampervanpark.ie/wp-content/uploads/2022/09/Perfect_Photo_Suite_9_2021_Full_Serial_Key.pdfIn PDF document text
    • https://tinilist.com/wp-content/uploads/2022/09/Opel_Cd_500_Karten_Download_FULL.pdfIn PDF document text
    • https://k22.be/wp-content/uploads/2022/09/Adobe_Premiere_Pro_Cc_2018_V12_1_69_X64_Patch_cracksmindl.pdfIn PDF document text
    • https://creditkardio.com/wp-content/uploads/2022/09/kenjane-2.pdfIn PDF document text
    • http://classacteventseurope.com/wp-content/uploads/2022/09/FS2004__Captain_Sim_C130_Pro_V11_Expansions_Serial_Key.pdfIn PDF document text
    • http://www.kitesurfingkites.com/an-introduction-to-game-theory-watson-pdfzip-verified/In PDF document text
    • https://liquidonetransfer.com.mx/?p=118550In PDF document text
    • http://mrproject.com.pl/advert/agneepath-hindi-movie-download-mp4-hd-patched/In PDF document text
    • https://dottoriitaliani.it/ultime-notizie/senza-categoria/splinter-cell-conviction-data9-cab-full-portable-download-rar/In PDF document text
    • http://newsseva.in?p=35897In PDF document text
    • https://www.vakantiehuiswinkel.nl/crack-fix-call-of-juarez-the-cartel-portable-2/In PDF document text
    • https://vintriplabs.com/wp-content/uploads/2022/09/periodizacion_del_entrenamiento_deportivo_bompa_pdf_download.pdfIn PDF document text
    • https://arlingtonliquorpackagestore.com/gta-iv-eflc-crack-11-20-razor1911-cracked/In PDF document text
    • https://mevoydecasa.es/inilabs-school-management-system-nulled-cracking-portable/In PDF document text
    • https://earthoceanandairtravel.com/2022/09/12/badlapur-movie-download-720p-hot/In PDF document text
    • https://xtc-hair.com/sunat-natplus-junior-miss-pageant-contest-2008-2-avi/In PDF document text
    • https://lannews.net/advert/johnpauljacksondreamdictionarypdf/In PDF document text
    • https://parsiangroup.ca/2022/09/g4tw-sims-4-gallery-crack-free/In PDF document text
    • http://moonreaderman.com/counter-strike-xtreme-v12-bit-download-link/In PDF document text
    • https://alafdaljo.com/download-lincoln-720p-dual-audio-grace-screensaver-pa-updated/In PDF document text
    • http://ballyhouracampervanpark.ie/wp-In PDF document text
    • https://k22.be/wp-In PDF document text
    • http://classacteventseurope.com/wp-In PDF document text
    • https://dottoriitaliani.it/ultime-notizie/senza-categoria/splinter-cell-conviction-data9-cab-full-portable-In PDF document text
    • https://vintriplabs.com/wp-In PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text