CLEAN
4
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0001
Heuristics 2
-
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.monotype.comhttp://www.monotype.com/html/type/license.html In PDF document text
- http://fontforge.sf.net/In PDF document text
- http://www.monotype.com/html/mtname/ms_timesnewroman.htmlhttp://www.monotype.com/html/mtname/ms_welcome.htmlNOTIFICATIONIn PDF document text
Extracted artifacts 6
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_015_off00015406.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x15406 | 101354 bytes |
SHA-256: d87edb8035dd5a498d156f6d055bfeae437d2896fe8bc445cf2b6b1af8aec57d |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.99, consistent with packed or encrypted content.
|
|||
stream_018_off0002e79d.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x2E79D | 101360 bytes |
SHA-256: 81914c05074afb44bd4df5d481672979b35e67d596f643167e3dda4a953b0f4a |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.99, consistent with packed or encrypted content.
|
|||
font_00_sfnt_off00008769.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8769 | 2544 bytes |
SHA-256: 28dfc8de893bca8b405144bfe06a891ca6c32c54318388a4dc2455ad02bc280d |
|||
font_01_sfnt_off000091fc.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x91FC | 35932 bytes |
SHA-256: 8ab3be12bbb6c8b80209df734b60cd3383f29c3377ef6c38a2fb953ea7e625c8 |
|||
font_02_sfnt_off0000e46d.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xE46D | 29556 bytes |
SHA-256: 54c0cf9e97c444a0b9e752a2de2e47c1a5263a097a208be8f92cdb2a863cd881 |
|||
font_03_sfnt_off00012334.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x12334 | 24944 bytes |
SHA-256: cadb54a6e70d334b5dccea36d3486fd6c573b773ffff15d6b53ca84efb9934a3 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.