PDF static analysis report

Static analysis result for SHA-256 7e1a8d1830b8eabf…

CLEAN

PDF

502.3 KB Created: 2020-04-07 02:38:02 +03:00 Authoring application: Microsoft® Word для Office 365 First seen: 2020-09-24
MD5: 6d53303c036d80e24ed6b7ae5e81fdfb SHA-1: dcb0089062fe06a19535139ba1238b1c30b1ecf1 SHA-256: 7e1a8d1830b8eabf015c559df700784d9079a4f03d09a872ef2856a71f081297
4 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0001

Heuristics 2

  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.����-��������������-����������������.����/ In PDF document text
    • http://yugorsk-five-school.ru/In PDF document text
    • http://������������-��������������.������/In PDF document text
    • https://tatfrontu.ru/term-common/galereyaIn PDF document text
    • http://pobeda.poklonnayagora.ru/tech/In PDF document text
    • https://www.litmir.me/In PDF document text
    • https://www.bookol.ru/In PDF document text
    • https://miridei.com/idei-dosuga/kakuyu-knigu-pochitat/10_samyh_silnyh_knig_o_vojne_do_murashek_po_kozhe_i_drozhi_v_tele/In PDF document text
    • https://alenavoice.ru/uroki-vokala/kak-razuchivat-pesniIn PDF document text
    • https://dropi.ru/posts/test-pro-tanki-uznaj-boevuyu-mashinu-po-siluetuIn PDF document text
    • https://dropi.ru/posts/test-dlya-lyubitelej-i-znatokov-oruzhiya-znaesh-li-ty-strelkovoe-oruzhie-vremen-velikoj-otechestvennoj-vojnyIn PDF document text
    • https://warspot.ru/11978-shutok-ne-lyubit-oshibok-ne-proschaet-test-warspotIn PDF document text
    • https://dropi.ru/posts/test-prover-svoi-znaniya-ob-sssr-vo-vremya-velikoj-otechestvennoj-vojnyIn PDF document text
    • https://dropi.ru/posts/istoricheskij-test-chto-ty-pomnish-o-vtoroj-mirovoj-vojneIn PDF document text
    • http://pobeda.poklonnayagora.ru/city/In PDF document text
    • http://navpam.ru/In PDF document text
    • http://navpam.ru/artmedia/khudozhestvennye-filmyIn PDF document text
    • http://navpam.ru/artmedia/documentaln-filmyIn PDF document text
    • http://��������������.����/In PDF document text
    • http://yugorsk-five-school.ruIn PDF document text
    • https://tatfrontu.ru/term-In PDF document text
    • http://pobeda.poklonnayagora.ru/tIn PDF document text
    • https://miridei.com/idei-In PDF document text
    • https://alenavoice.ru/uroki-In PDF document text
    • https://mytyshi-In PDF document text
    • https://dropi.ru/posts/test-pro-tanki-In PDF document text
    • https://dropi.ru/posts/test-dlya-In PDF document text
    • https://warspot.ru/11978-shutok-ne-In PDF document text
    • https://dropi.ru/posts/test-prover-In PDF document text
    • https://dropi.ru/posts/istoricheskij-In PDF document text
    • http://pobeda.poklonnayagora.ru/citIn PDF document text
    • http://navpam.ru/artmedia/khudozhIn PDF document text
    • http://navpam.ru/artmedia/documenIn PDF document text
    • http://www.за-честные-продукты.рф/PDF link annotation
    • https://www.facebook.com/BrazhkoAleksandr/In PDF document text
    • https://www.youtube.com/watch?v=84skplbg4DY&In PDF document text
    • https://www.youtube.com/playlist?list=PLA1-QYKy_mCn4yusKNzGK87AVKzZ2aXSmIn PDF document text
    • https://yadi.sk/d/4aAcme984l_-LAIn PDF document text
    • https://www.facebook.com/groups/75Pobeda/In PDF document text
    • https://chat.whatsapp.com/Bk5Bv7GLoEp9AUCNxcpdrzIn PDF document text
    • https://youtu.be/XCSbQUrhXP4In PDF document text
    • https://daily.afisha.ru/brain/4272-10-sovetov-o-tom-kak-pravilno-hodit-v-muzey/In PDF document text
    • https://www.youtube.com/In PDF document text
    • https://chat.whatsapp.com/In PDF document text
    • https://pravoslavie.ru/53349.htmlIn PDF document text
    • https://mytyshi-school1.edusite.ru/p298aa1.htmlIn PDF document text
    • https://ru.wikipedia.org/wiki/%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D0%B0-%D0%B3%D0%B5%D1%80%D0%BE%D0%B8In PDF document text
    • https://ru.wikipedia.org/wiki/%D0%9A%D0%B0%D1%80%D0%B1%D1%8B%D1%88%D0%B5%D0%B2,_%D0%94%D0%BC%D0%B8%D1%82%D1%80%D0%B8%D0%B9_%D0%9C%D0%B8%D1%85%D0%B0%D0%B9%D0%BB%D0%BE%D0%B2%D0%B8%D1%87In PDF document text
    • https://www.facebook.com/groups/ircstars/In PDF document text
    • https://yandex.ru/efir?stream_id=4a3bdae344abe1759da36cd7ba976cb5In PDF document text
    +24 more URL(s)

Extracted artifacts 9

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_001_off00015e77.js decompressed-pdf-stream PDF FlateDecoded stream at offset 0x15E77 36341 bytes
SHA-256: 5bb4ecc6757ee4db243a7adf9e0c00b5899845684fdec53a3734600e23059eac
stream_004_off0002feb8.js decompressed-pdf-stream PDF FlateDecoded stream at offset 0x2FEB8 27870 bytes
SHA-256: 484056ef379933920c130c8376c733a4d9d9ae7c78bb33e1a048b96c6899a7f9
stream_006_off0003227c.js decompressed-pdf-stream PDF FlateDecoded stream at offset 0x3227C 42180 bytes
SHA-256: 06ae705b0c28adfd2f469ef01e26e7fc54768366bc2516968c3126678afe5b5b
stream_007_off00035045.js decompressed-pdf-stream PDF FlateDecoded stream at offset 0x35045 33990 bytes
SHA-256: 08d339bb5495260971dd7dd49039822f2f69928d285221bc6255377246c92e41
stream_010_off0003a9be.js decompressed-pdf-stream PDF FlateDecoded stream at offset 0x3A9BE 23240 bytes
SHA-256: 98194a7250bf038eea2c2e5db30b5cc8dc45a1b75af78dbef8a4d6146cb98317
stream_018_off00041dc2.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x41DC2 99628 bytes
SHA-256: 1a1cc68efa511d0d2799b02c75c6eb7a3eef877d688e4aa874b84493b5ae9315
font_01_sfnt_off0004db2d.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x4DB2D 147896 bytes
SHA-256: 678f2d94ce9c88f1cbf522d8702b4aa15038967bcf8d75f08a317e2ca37d7210
font_02_sfnt_off00061932.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x61932 115508 bytes
SHA-256: 6495cd3f36cf91f0da99157a4a4cb0f97e1ba8aaead1f601f8e19f19eb1c8c9c
font_03_sfnt_off0007140e.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x7140E 81740 bytes
SHA-256: 8968d311fdd8ca6aefb490943eb49835e5a3d5766af51f30fd96e38a9d4f0ea2