CLEAN
4
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0148
Heuristics 2
-
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.color.org In PDF document text
- http://www.science-education.ru/ru/article/view?id=25841In PDF document text
- https://kopilkaurokov.ru/nachalniyeKlassi/pre-In PDF document text
- https://theslide.ru/detskie-prezen-In PDF document text
- http://3dobrazovanie.ruIn PDF document text
- https://make���3d.ru/articles/chto-takoe���3d-ruchka/In PDF document text
- https://www.prodlenka.org/metodicheskie-razrabotki/dopolnitelnoe-obrazovanie/risovanie-grafika-v-do/331751-obrazovatelna-In PDF document text
- https://rosuchebnik.ru/material/3-d-ruchka-v-detskom-sadu���27143/???history=20&pfid=1&sample=9&ref=0In PDF document text
- http://www.color.org)/S/GTS_PDFX/Type/OutputIntentIn PDF document text
- http://www.law.edu.ru/article/article.asp?arti-In PDF document text
- https://www.dissercat.com/content/nravstvennye-osnovaniya-sovre-In PDF document text
- https://www.dissercat.com/content/sootnoshenie-pra-In PDF document text
- https://iz.ru/news/607066In PDF document text
- https://www.vedomosti.ru/technology/news/2014/02/25/direktor-fskn-rossijskaya-nar-In PDF document text
- http://constitution.kremlin.ru/In PDF document text
- https://base.garant.ru/1305454//In PDF document text
- http://docs.cntd.ru/document/1200109440In PDF document text
- https://nsportal.ru/nachalnaya-shkola/dlya-kom-In PDF document text
- https://infourok.ru/In PDF document text
- https://urok.1sept.ru/%D1%81%D1%82%D0%B0%D1%82In PDF document text
- https://bio.1sept.ru/view_article.phpIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://ns.adobe.com/xap/1.0/sType/ResourceRef#In PDF document text
- http://ns.adobe.com/xap/1.0/sType/ResourceEvent#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://www.npes.org/pdfx/ns/id/In PDF document text
- http://ns.adobe.com/pdfx/1.3/In PDF document text
- http://www.extensis.com/meta/FontSense/In PDF document text
Extracted artifacts 32
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_004_off0000ccd2.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0xCCD2 | 19265 bytes |
SHA-256: 8b832fcc81a79198c8eb1665b937d346f3f1ae3a21babb7da0486bafff18e16b |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.41, consistent with packed or encrypted content.
|
|||
stream_008_off000159c1.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x159C1 | 16131 bytes |
SHA-256: 9810ffcf1261c1a0bd469de4b6f5361fcfb5ec7c1c1b243dc2a5e2f5c1106a2c |
|||
stream_055_off00054413.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x54413 | 10910 bytes |
SHA-256: 5a0ab69529feda06565f27161c96fc32518b5c68acd5a498d582bbcef3aff27a |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.50, consistent with packed or encrypted content.
|
|||
font_00_sfnt_off0000777b.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x777B | 52165 bytes |
SHA-256: 9538c897791df79607fb113635adf904b3b4e4708131fa01f3d77100f1f22d22 |
|||
font_02_cff_off00011b87.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x11B87 | 18238 bytes |
SHA-256: f0881702ac62ca64b5cf477b27dd716fea924305d3a116d48d3fd31a42238d3f |
|||
font_04_cff_off00019c59.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x19C59 | 1988 bytes |
SHA-256: 3e61c1efa62e57c09a373f5a855b0930c433cb85980238ef48c5f9cc687f6b71 |
|||
font_05_cff_off0001a8da.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x1A8DA | 334 bytes |
SHA-256: ef9f18d02b102bb75aaadd606521ad63697b0ceb871109ccea354e44eca8a696 |
|||
font_06_cff_off0001adae.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x1ADAE | 3484 bytes |
SHA-256: ab3a7d4f284a30261c550c056040761cb4fa9822b664b29e44ec30fe4ecc70e1 |
|||
font_07_cff_off0001c3a5.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x1C3A5 | 3833 bytes |
SHA-256: 18db74f2087871cb11ad5617ccceb12e8af646035cd825ab3562c4112f6c163d |
|||
font_08_cff_off0001dbd7.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x1DBD7 | 14910 bytes |
SHA-256: 8334e96fb11d5f3f25874565a400dd10130f9ebf1de1c2b24620db8e59da84b7 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.42, consistent with packed or encrypted content.
|
|||
font_09_cff_off00023008.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x23008 | 2869 bytes |
SHA-256: af8b488b1bd3b7501fc0c096bbc01053d3818d85dba0092653aff88244f44cc3 |
|||
font_10_cff_off00023edc.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x23EDC | 334 bytes |
SHA-256: 0ebfc55759b11a2d7c37ec631f1d6ba047ab54140dc8b3acff0c0473b6894cf4 |
|||
font_11_cff_off00024571.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x24571 | 4132 bytes |
SHA-256: b3ee8f50be3c86422fff5268e1451f0d2633597d04ec3a0660030987f6ad6977 |
|||
font_12_cff_off000277a1.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x277A1 | 2000 bytes |
SHA-256: cde6cda64749f353ae17bb8398c56a5826415ff646e0e34d9ddcf7211acd04cf |
|||
font_13_cff_off000288c5.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x288C5 | 17602 bytes |
SHA-256: b651cc3934ca23a056554f3cb3fe33843ee04035b77f9479fe1bac0137939407 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.47, consistent with packed or encrypted content.
|
|||
font_14_cff_off0002cabe.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x2CABE | 1900 bytes |
SHA-256: da3798d6af1bbf5e04a658f39bbb3718c5565936d34e38ee6f1d0a91fc6c634e |
|||
font_15_cff_off0002d86e.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x2D86E | 7289 bytes |
SHA-256: 04a2309dcf753b39c036e2e7be70328122bdba5e80c032e7053c13bd5f2145da |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact entropy is 7.50, consistent with packed or encrypted content.
|
|||
font_16_cff_off0004d93e.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x4D93E | 11146 bytes |
SHA-256: 7d213590ff429031eda2075e3fd7255eeedaf659319c2f8578929ecddb64b0d4 |
|||
font_17_cff_off00051417.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x51417 | 2211 bytes |
SHA-256: da4db86c544147a17a692254d19fce4f21b497c328056b46ff5e2862d312e5eb |
|||
font_18_cff_off00053295.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x53295 | 2108 bytes |
SHA-256: 3548ae6ab2bd9a62fa7e0e10e552974fc3bba9f22a195ac57c4b7c5bc8187e0d |
|||
font_20_cff_off00059c02.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x59C02 | 1197 bytes |
SHA-256: c19278956682b91cc7f155f7381ebb93040dd56592a6f5d6f069243836766977 |
|||
font_21_cff_off0005bdb8.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x5BDB8 | 1288 bytes |
SHA-256: a5ea022535aa2704ee37aabe96824dae222783b1a0b132e61f93a5d51bab296c |
|||
font_22_cff_off00068f50.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x68F50 | 1845 bytes |
SHA-256: 0d0f7179e6a62c754bc852811e7ddabbdfe412dc4a5f3474661b24b7b8823e82 |
|||
font_23_cff_off0006b693.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x6B693 | 1901 bytes |
SHA-256: 10211303a6cc142bdc45b91ae259af94ca8ef9db22920aa22440347f04ec2e89 |
|||
font_24_cff_off00077915.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x77915 | 1538 bytes |
SHA-256: 43a7816b66447c0417a02943c17ba5c02320a49236432b58eaff1385b4c79927 |
|||
font_25_cff_off0007a0cb.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x7A0CB | 1705 bytes |
SHA-256: 6891337093c7a242c39030c683f487be354e0385a6fd91bb85b1ec65ebf0b2d1 |
|||
font_26_cff_off0007d3f1.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x7D3F1 | 1357 bytes |
SHA-256: 43dab3a2408b9288601408802140dd09cd0244266050c25cd75d84d59748ac9d |
|||
font_27_cff_off00219254.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x219254 | 1276 bytes |
SHA-256: 9dddd511d3efe1890ec867e1b5d19b1159b5951406b116c38a65608cbd635e30 |
|||
font_28_cff_off0029f9f0.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x29F9F0 | 1267 bytes |
SHA-256: 5ab5d7eb5e3d3f0ab5ba338807467851b24be91eb33740e07b677ebd19c64784 |
|||
font_29_cff_off002a2d16.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x2A2D16 | 1252 bytes |
SHA-256: 6c8e68b6fa33e0b6ceaaf2e7aac7aac35940ab92c74403425337b98afce7cf39 |
|||
font_30_cff_off002f4024.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x2F4024 | 1109 bytes |
SHA-256: 2351257f589aaa482d477b14b978f5f0a0a97b09f9c55676a95927f34fe77a56 |
|||
font_31_cff_off002f64b6.bin |
pdf-font-stream | PDF embedded font (cff) at offset 0x2F64B6 | 1157 bytes |
SHA-256: b4b3170864b2ff7319b19ce088bb9c0d3d4c2c268354a058c749c799f952d23e |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.