Malicious PDF — malware analysis report

Static analysis result for SHA-256 793519e8eb1750f4…

MALICIOUS

PDF

113.4 KB Created: 2022-09-13 16:39:14 +00:00 Authoring application: pateglen (via PDF Master 1.0.1) First seen: 2026-06-15
MD5: e1532fd68a9e66fd6bfed7ba1aea71b7 SHA-1: 6f5b3e61b77d0f282e0feacb29e1c3a2b5390368 SHA-256: 793519e8eb1750f426455ecbbbff11f6c0d9a0e908a80684a31888d9c2774c91
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0013

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://siteslocate.com/ZG93bmxvYWR8eEE4TVhBemEzTjhmREUyTmpJMk9EQXpPVEI4ZkRJMU9UQjhmQ2hOS1NCWGIzSmtjSEpsYzNNZ1cxaE5URkpRUXlCV01pQlFSRVpk/kyriad?goedegebuur=nissan&&SGF0ZSBTdG9yeSBJViBGdWxsIE1vdmllIERvd25sb2FkIEluIEhkIDcyMHASGF=mave PDF link annotation
    • https://www.ronenbekerman.com/wp-content/uploads/2022/09/Wwe_Wrestlemania_28_LINK_Full_Show_720p_52.pdfIn PDF document text
    • https://restor8tivehr.com/wp-content/uploads/2022/09/Manual_De_Logoterapia_Pdf_34.pdfIn PDF document text
    • https://sattology.org/wp-content/uploads/2022/09/metro_2033_trainer_1001.pdfIn PDF document text
    • https://myequipmentfunder.com/wp-content/uploads/2022/09/Windows_8_Ultimate_Bootable_Iso_Image_Free_Download_32_Bit_With_Key_Torrentl_FREE.pdfIn PDF document text
    • http://www.unitewomen.org/deep-space-waifu-flat-justice-soundtrack-free-download-key-hot/In PDF document text
    • https://www.9mesi.eu/wp-content/uploads/2022/09/zandyude.pdfIn PDF document text
    • https://roofingbizuniversity.com/wp-content/uploads/2022/09/Louis_Vuitton_Trunk_Serial_Number_Lookup_NEW.pdfIn PDF document text
    • http://pepsistars.com/wp-content/uploads/2022/09/Download_driver_booster_410_pro-1.pdfIn PDF document text
    • https://thecluelesscoffee.com/wp-content/uploads/2022/09/morehear.pdfIn PDF document text
    • http://www.studiofratini.com/rpg-metanoia-720p-or-1080p-best/In PDF document text
    • http://www.gambians.fi/sims-4-selfie-override-hot/training/In PDF document text
    • http://www.bigislandltr.com/wp-content/uploads/2022/09/Alice_In_Wonderland_Movie_Download_Bittorrent.pdfIn PDF document text
    • http://pixology.in/wp-content/uploads/2022/09/Activator_For_Windows_And_Office_KMS_Pico_V1123_Serial_Key_Keygen_UPD.pdfIn PDF document text
    • https://sarahebott.org/matlab-r2012a-free-new-download-with-crack/In PDF document text
    • https://fajas.club/2022/09/13/autodesk-autocad-civil-3d-2018-1-1-keygen-__link__-crackzsoft/In PDF document text
    • http://www.studiofratini.com/gabriela-cerruti-el-pibe-pdf-download-work/In PDF document text
    • https://www.masiga.it/wp-content/uploads/2022/09/Bolder_Sounds_Bluegrass_Banjo.pdfIn PDF document text
    • https://www.distributorbangunan.com/sandy0903-rar-free/In PDF document text
    • http://www.devraco.com/wp-content/uploads/2022/09/hartaf.pdfIn PDF document text
    • https://www.ronenbekerman.com/wp-In PDF document text
    • https://myequipmentfunder.com/wp-content/uploads/2022/09/Windows_8_Ultimate_Bootable_Iso_ImaIn PDF document text
    • https://roofingbizuniversity.com/wp-In PDF document text
    • http://www.bigislandltr.com/wp-In PDF document text
    • http://pixology.in/wp-content/uploads/2022/09/Activator_For_Windows_And_Office_KMS_Pico_V1123_In PDF document text
    • http://pixology.in/wp-content/uploads/2022/09/activator_for_windows_and_office_kms_pico_v1123_serial_key_keygen_upd.pdfIn PDF document text
    • https://secureservercdn.net/198.71.233.69/5z3.800.myftpupload.com/wp-content/uploads/2022/09/gelalm.pdf?time=1663086023In PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • https://secureservercdn.net/198.71.233.69/5z3.800.myftpupload.com/wp-In PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text