CLEAN
12
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0005
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://www2.informationmapping.com/l/8622/2020-06-22/8k69f8 PDF link annotation
- https://www2.informationmapping.com/l/8622/2020-06-22/8k69fjIn PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-22/8k69fqIn PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-22/8k69fzIn PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-22/8k69l6In PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-22/8k6cbbIn PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-23/8k88b2In PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-23/8k88rzIn PDF document text
- https://www2.informationmapping.com/l/8622/2020-06-23/8k88tbIn PDF document text
- https://www.informationmapping.com/training-roadshow/event.php?id=599In PDF document text
- https://www.informationmapping.com/training-roadshow/event.php?id=608In PDF document text
- https://www.informationmapping.com/training-roadshow/event.php?id=605In PDF document text
- https://www.informationmapping.com/training-roadshow/event.php?id=596In PDF document text
- https://www.informationmapping.com/training-roadshow/event.php?id=598In PDF document text
- https://www.informationmapping.com/training-roadshow/event.php?id=591In PDF document text
- https://www.informationmapping.com/en/In PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- https://docs.microsoft.com/typography/abouthttp://lucasfonts.comMicrosoftIn PDF document text
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
- http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0XIn PDF document text
- http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0In PDF document text
- http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl0aIn PDF document text
- http://www.microsoft.com/pkiops/certs/MicCodSigPCA2011_2011-07-08.crt0In PDF document text
- http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0TIn PDF document text
- http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0In PDF document text
- http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl0^In PDF document text
- http://www.microsoft.com/pki/certs/MicRooCerAut2011_2011_03_22.crt0��In PDF document text
- http://www.microsoft.com/pkiops/docs/primarycps.htm0@In PDF document text
- http://www.microsoft.com/TypographyIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00005b25.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x5B25 | 100856 bytes |
SHA-256: 2b9c10d72c26f6efa768b230e7f19914919521d8f14c8eb35e18edf7b1e3d006 |
|||
stream_006_off00011fd9.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x11FD9 | 120256 bytes |
SHA-256: 1ff278e75027ee3ffd8d42714ab4fa5ddf954f73a238dbdd33a5005400e2addb |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.