PDF static analysis report

Static analysis result for SHA-256 8d0c43f059568870…

SUSPICIOUS

PDF

Size: 161.8 KB
Created: 2022-07-04 03:25:34 +00:00
Authoring application: ailverd (via PDF Master 1.0.1)
First seen: 2022-07-15
MD5: ec486ac6078aa278286c167bcef7a6a0
SHA-1: c80818d932258a87ec0d7fb7ce64f5095f93970f
SHA-256: 8d0c43f059568870eab7f1c40ff18d92bdf45b4c7937741d7fe0a70f04568dd9
Risk Score: 34

Malware Insights

MITRE ATT&CK
  • T1566.002 Spearphishing Attachment
  • T1204.002 Malicious Link

The PDF document contains numerous links advertising cracked software, a common lure for malware distribution. One heuristic specifically flagged the presence of these cracked software lures. The embedded URLs likely lead to further malicious content or downloads, aiming to trick users into compromising their systems.

Machine Learning

  • Nyx PDF Classifier clean score 0.0138

Heuristics (3)

  • PDF link farm advertises cracked/pirated software (severity: medium, rule: PDF_CRACKED_SOFTWARE_LURE)
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI (severity: info, rule: PDF_URI)
    PDF contains an external URL action
  • Embedded URL (severity: info, rule: EMBEDDED_URL)
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.