MALICIOUS
74
Risk Score
Machine Learning
- Nyx PDF Classifier malicious score 0.9891
Heuristics 3
-
OpenType VariationStore offset points outside table high PDF_OPENTYPE_VARSTORE_OFFSET_OUT_OF_RANGEAn OpenType VariationStore offset points outside its containing font table. VariationStore offset arrays are pointer-like parser inputs and malformed offsets can drive out-of-bounds font parsing.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.respublika-kaz.info/news/politics/26043/ PDF link annotation
- http://www.guljan.org/ru/news/pablicity/2012/October/2722In PDF document text
- http://www.fergananews.com/news/19650In PDF document text
- http://www.odfoundation.eu/ru/urgents/322/kalendar_zabastovok_rabotnikov_neftedobivayushchih_predpriyatiy_zapadnom_kazahstane_mangistauIn PDF document text
- http://lada.kz/aktau_news/incidents/5582-amangeldy-dosahanov-ubiystvo-svidetelya-po-delu-o-zhanaozenskih-sobytiyah-nosit-huliganskiy-harakter.htmlIn PDF document text
- http://www.liveinternet.ru/tags/���������+�������/In PDF document text
- http://www.youtube.com/watch?v=Jq6Sg8lZ9V8&feature=plcpIn PDF document text
- http://www.youtube.com/user/saule540In PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00002d59.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2D59 | 160512 bytes |
SHA-256: c13877f3a6f4bbd21566c05a547833aac700ec11798e3b0af74ef48ed49ad304 |
|||
font_01_sfnt_off00013135.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x13135 | 163044 bytes |
SHA-256: d3aefa3fe004ccd88161ec41b717feeb02fc550851d571c427fe738a67ff0fc7 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.