Malicious PDF — malware analysis report

Static analysis result for SHA-256 941981e7c34c2da6…

MALICIOUS

PDF

118.2 KB Created: 2022-08-10 05:31:27 +00:00 Authoring application: catyarm (via PDF Master 1.0.1) First seen: 2026-06-12
MD5: 8a6dada7353eefe0adacb1dd1f34c649 SHA-1: 23d3333c73a1d30f34b8d5421c644bd25447b484 SHA-256: 941981e7c34c2da61829ef0436e3155d8bbf5bd6d63a501f22f4072e5e165573
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0062

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://rocketcarrental.com/crashing.amzn?berms=/QXV0b0NBRAQXV/birthtime/ZG93bmxvYWR8NjdRTldKaGJIeDhNVFkyTURBNU1UQTBPSHg4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk/brookhaven/corporeal.hepititus PDF link annotation
    • https://printeleven.com/wp-content/uploads/2022/08/AutoCAD-25.pdfIn PDF document text
    • https://allindiaherb.com/autocad-2022-24-1-crack-for-pc/In PDF document text
    • https://emperiortech.com/wp-content/uploads/2022/08/roshar.pdfIn PDF document text
    • https://dry-cliffs-65785.herokuapp.com/robforb.pdfIn PDF document text
    • https://mindfullymending.com/autocad-24-2-crack/In PDF document text
    • https://pure-taiga-97582.herokuapp.com/AutoCAD.pdfIn PDF document text
    • https://www.pickupevent.com/autocad-2022-24-1-crack-for-windows-3/In PDF document text
    • https://turbulentelevenvansissi.nl/wp-content/uploads/2022/08/janfra.pdfIn PDF document text
    • http://med-smi.com/?p=1In PDF document text
    • https://heidylu.com/autocad-lifetime-activation-code-updated/In PDF document text
    • https://lifeacumen.com/2022/08/autocad-crack-free-registration-code-latest-2022/In PDF document text
    • https://sajjadkhodadadi.com/wp-content/uploads/2022/08/AutoCAD-16.pdfIn PDF document text
    • https://stephenlambdin.com/wp-content/uploads/2022/08/derfla.pdfIn PDF document text
    • https://diontalent.nl/2022/08/10/autocad-24-0-free-download-mac-win-2022/In PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.