CLEAN
6
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0015
Heuristics 3
-
External URI info PDF_URIPDF contains an external URL action
-
Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTALThe same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.equalityindonesia.com/ PDF link annotation
- http://www.equalityindonesia.com/)/TypeIn PDF document text
- http://ocsp.verisign.com0In PDF document text
- http://www.microsoft.com/typography/ctfontshttp://fontfabrik.comYouIn PDF document text
- http://www.microsoft.com/typography/fonts/default.aspxIn PDF document text
- http://crl.microsoft.com/pki/crl/products/CSPCA.crl0HIn PDF document text
- http://www.microsoft.com/pki/certs/CSPCA.crt0In PDF document text
- http://crl.microsoft.com/pki/crl/products/tspca.crl0HIn PDF document text
- http://www.microsoft.com/pki/certs/tspca.crt0In PDF document text
- http://www.microsoft.com/typographyIn PDF document text
- https://www.verisign.com/repository/RPA0In PDF document text
- https://www.verisign.com/repository/CPS��In PDF document text
- https://www.verisign.comIn PDF document text
- https://www.verisign.com/repository/verisignlogo.gif0�In PDF document text
- https://www.verisign.com/CPSIn PDF document text
- https://www.verisign.com/repository/CPSIn PDF document text
- http://www.microsoft.com/truetype/0In PDF document text
- http://crl.verisign.com/ThawteTimestampingCA.crl0In PDF document text
- http://crl.verisign.com/tss-ca.crl0In PDF document text
- http://crl.microsoft.com/pki/crl/products/CodeSignPCA2.crl0OIn PDF document text
- http://www.microsoft.com/pki/certs/CodeSignPCA2.crt0In PDF document text
Extracted artifacts 8
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_014_off00070cbb.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x70CBB | 198572 bytes |
SHA-256: 14801aa778b3da642fa0ef0dca2fb9f6b52c78cfc3ac63fac50c873d89252c2c |
|||
stream_068_off0087c8c3.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x87C8C3 | 197164 bytes |
SHA-256: 10d2a68df18ed7ba14b68bfc0699db3e6d6de8b51d8571d15795df64709dca5f |
|||
font_00_sfnt_off00001653.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x1653 | 54792 bytes |
SHA-256: 67fc207b1f350a5bbb87c316a7b1c083fb56e8d21272a3a581e827538492fb7a |
|||
font_02_sfnt_off00013841.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x13841 | 169476 bytes |
SHA-256: a6eacb5f4c318f191f5c7ef56b8a9d24965db43dd12e86dc8eafc984e1163d47 |
|||
font_03_sfnt_off000268fd.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x268FD | 54520 bytes |
SHA-256: 4e49a2d55be905e94718d8698d2acdf497009d2fbf6c7c1516c4c3fe5a3f73d9 |
|||
font_05_sfnt_off0005b841.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x5B841 | 183164 bytes |
SHA-256: fe4e1381826eb65041f92ce379e5272824c0cb80475e8936cbb36cac048b6601 |
|||
font_07_sfnt_off00087fd4.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x87FD4 | 95732 bytes |
SHA-256: 6caf2609d8a57dd765ef3bec44ba0f10dfdb1ae065bf0bbcbbcb1152af1b75ef |
|||
font_18_sfnt_off008673df.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8673DF | 183320 bytes |
SHA-256: 90a5614769b83f794e8152d540a4397dba13d2777ea31a5980e9c677eef57efc |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.