CLEAN
22
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0002
Heuristics 2
-
Clickable URI uses URL shortener medium PDF_URL_SHORTENER_URIPDF contains a clickable HTTP(S) action whose destination is a URL shortener. This hides the final landing page from static review and is common in phishing redirect PDFs.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://rebrand.ly/bxacpbc In PDF document text
Extracted artifacts 6
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off0000087e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x87E | 12572 bytes |
SHA-256: cc52e3c66588c9b03345b50b1ccb7c1e2f3ec135f24252975bf58319e8ed9cc5 |
|||
font_01_sfnt_off000028ef.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x28EF | 2080 bytes |
SHA-256: 35d23a8a2be42e4ea1cef33b48bdfbf35e24062d38b2809cacf670c7c9b70299 |
|||
font_02_sfnt_off00003050.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3050 | 11800 bytes |
SHA-256: edacfdc8c65de4e200d21e262cc11264d74f74191ce7c57d7125be77f2c89d0c |
|||
font_03_sfnt_off00004e36.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x4E36 | 6548 bytes |
SHA-256: b1aa2eb01795f2d1dc4cb944bf7022a80c31dfe64c9136cd502dde4bd845b271 |
|||
font_04_sfnt_off00005f33.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x5F33 | 4920 bytes |
SHA-256: 2dce56b8fd29eff8bcd6b79d13088ee5d6dca3e124d4e2acc8a8da532dfea7a4 |
|||
font_05_sfnt_off00006ec6.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x6EC6 | 13088 bytes |
SHA-256: edfa9857a2d40cd605b578471a4850150fdf36db697e979840b631ddbbb0edb6 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.