PDF static analysis report

Static analysis result for SHA-256 90dd9c7d9c7826c1…

CLEAN

PDF

1.45 MB Created: 2017-03-26 21:29:58 +03:00 Authoring application: Microsoft® Word 2010 First seen: 2020-09-24
MD5: dd011577cb535abd47835a2a6902fee5 SHA-1: e7b68491791aa0486c901afd648ef756a88d0eda SHA-256: 90dd9c7d9c7826c11e2ee2cd548139aaea47a1627fcd6351a035e696a59ae213
4 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0001

Heuristics 2

  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.walidsamir7.bogspot.com/ In PDF document text
    • http://www.ifac.com/In PDF document text
    • http://www.willey.com/In PDF document text
    • http://www.sakkal.comYouIn PDF document text
    • http://www.fmalaa.wordpress.com/PDF link annotation
    • http://www.ifac.org/In PDF document text
    • http://www.microsoft.com/typography/ctfontshttp://fontfabrik.comYouIn PDF document text
    • http://www.microsoft.com/typography/fonts/default.aspxIn PDF document text
    • http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl0XIn PDF document text
    • http://www.microsoft.com/pki/certs/MicrosoftTimeStampPCA.crt0In PDF document text
    • http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl0ZIn PDF document text
    • http://www.microsoft.com/pki/certs/MicCodSigPCA_08-31-2010.crt0In PDF document text
    • http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl0TIn PDF document text
    • http://www.microsoft.com/pki/certs/MicrosoftRootCert.crt0In PDF document text
    • http://www.microsoft.com/typographyIn PDF document text
    • http://www.microsoft.com/typography/fonts/In PDF document text
    • https://www.verisign.com/rpaIn PDF document text
    • http://ocsp.verisign.com/ocsp/status0In PDF document text
    • https://www.verisign.com/rpa0In PDF document text
    • http://crl.microsoft.com/pki/crl/products/CodeSignPCA.crl0In PDF document text

Extracted artifacts 5

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_028_off0000ba13.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0xBA13 1132866 bytes
SHA-256: f9c920daafa09ee198095a019039e7f4097812fa83cff653f9788a373ab141b7
stream_106_off00091768.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x91768 185888 bytes
SHA-256: ecd7874cdae0ebf8fa390e20fed839728185e5fb2536b9db4c124b9777debe25
stream_114_off000c920c.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0xC920C 142812 bytes
SHA-256: 4f6a06300a04ec43d5817ae6c7b408ca02f46dff46fd84ea66ec4f468a7b69eb
stream_123_off000fcc9b.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0xFCC9B 66520 bytes
SHA-256: b7c104555b909b65be1a2b91eb2a52c99569811eece7a4e354e1ac246b3bf8f1
stream_129_off00140cce.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x140CCE 31120 bytes
SHA-256: 4ee6044d033cb7fcb9242dde2c1fdfc5bee4a94e3d28f92c4a26af45be8dd014