Malware Insights
The PDF document contains multiple links that advertise cracked software, indicating a lure to trick users into downloading potentially malicious applications. One of the embedded URIs, http://godsearchs.com/archerylinks/army/burggarten.ZG93bmxvYWR8eGM5WkdjMVkzeDhNVFkxTmpnNU1qTTFNbng4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA?U2ltcGxlIFZpZGVvIGNvbXByZXNzb3IU2l=pitch&philosophy=miscarried/, is particularly suspicious and likely serves as a download or redirection point. The presence of a 'PDF_CRACKED_SOFTWARE_LURE' heuristic further supports this assessment.
Machine Learning
- Nyx PDF Classifier clean score 0.0067
Heuristics 4
-
PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LUREPDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://godsearchs.com/archerylinks/army/burggarten.ZG93bmxvYWR8eGM5WkdjMVkzeDhNVFkxTmpnNU1qTTFNbng4TWpVM05IeDhLRTBwSUhKbFlXUXRZbXh2WnlCYlJtRnpkQ0JIUlU1ZA?U2ltcGxlIFZpZGVvIGNvbXByZXNzb3IU2l=pitch&philosophy=miscarried/ PDF link annotation
- http://mytown247.com/?p=72998In PDF document text
- https://warm-depths-86196.herokuapp.com/aspwel.pdfIn PDF document text
- https://verrtise.com/advert/hardware-information-activator-final-2022/In PDF document text
- http://freemall.jp/note-writer-crack-free-registration-code-free-2022.htmlIn PDF document text
- https://woodplatform.com/wp-content/uploads/2022/07/Peti.pdfIn PDF document text
- https://delicatica.ru/2022/07/04/asus-pad-pc-suite-crack-2022/In PDF document text
- http://tempatrainersguild.com/?p=2513In PDF document text
- https://www.chiesacristiana.eu/2022/07/04/file-extension-changer-1-3-6-crack-with-key-download-latest-2022/In PDF document text
- https://www.cameraitacina.com/en/system/files/webform/feedback/hildhall56.pdfIn PDF document text
- https://lalinea100x100.com/wp-content/uploads/2022/07/Firefox_Password.pdfIn PDF document text
- http://jameschangcpa.com/advert/our-earth-for-windows-8-crack-product-key-full-for-pc/In PDF document text
- https://txuwuca.com/upload/files/2022/07/H9dASPk4tHerf59yeehp_04_14ee98bd9cd7472acb65aef0c8aead62_file.pdfIn PDF document text
- https://nisharma.com/shicks-crack-free-registration-code-3264bit-latest/In PDF document text
- https://endlessflyt.com/ms-word-business-brochure-template-software-crack-with-product-key/In PDF document text
- http://gastro-professional.rs/food/soundcleod-crack-incl-product-key-download-updated-2022/In PDF document text
- https://www.travelrr.com/7zipsilencer-crack-free-2022-latest/In PDF document text
- https://beautysecretskincarespa.com/2022/07/04/menulab-discussion/In PDF document text
- https://boiling-bastion-76873.herokuapp.com/VeryPDF_Screen_OCR.pdfIn PDF document text
- https://ipayif.com/upload/files/2022/07/Xacroj3GHLw3fhq6sUX4_04_14ee98bd9cd7472acb65aef0c8aead62_file.pdfIn PDF document text
- http://applebe.ru/2022/07/04/library-net-free-note-edition-crack-win-mac/In PDF document text
- https://txuwuca.com/upload/files/2022/07/H9dASPk4tHerf59yeehp_04_14ee98bd9cd7472acb65aef0c8aead62_fileIn PDF document text
- https://ipayif.com/upload/files/2022/07/Xacroj3GHLw3fhq6sUX4_04_14ee98bd9cd7472acb65aef0c8aead62_file.pdIn PDF document text
- http://www.tcpdf.orgIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00002814.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2814 | 84640 bytes |
SHA-256: 5469d87e49db2e9b2bbbf73ce09eff790bdd1f43cfcf051a1c71c445cc3e337a |
|||
font_01_sfnt_off0000b06b.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB06B | 83036 bytes |
SHA-256: 6d13e73e85a502a13969f6a5eaecd0b275a0868c045f80b7d64ed55d70678261 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.