CLEAN
22
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0002
Heuristics 2
-
Clickable URI uses URL shortener medium PDF_URL_SHORTENER_URIPDF contains a clickable HTTP(S) action whose destination is a URL shortener. This hides the final landing page from static review and is common in phishing redirect PDFs.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://rebrand.ly/c40yshn In PDF document text
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
- http://www.microsoft.com/typography/ctfontshttp://www.fonts.comMicrosoftIn PDF document text
- http://www.microsoft.com/typography/fonts/default.aspxIn PDF document text
Extracted artifacts 6
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_006_off00019aac.js |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x19AAC | 7693 bytes |
SHA-256: 3f69155fa489b283af736e5bbec3d04001757869249507c78688ae26ba987890 |
|||
font_00_sfnt_off00000a60.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xA60 | 30492 bytes |
SHA-256: 360dd59a8abc3ca09dccff024723e23d6dd800441764530b1c2d7b0045b64d0f |
|||
font_01_sfnt_off00004d6f.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x4D6F | 58068 bytes |
SHA-256: df7f630c354e3707d09a7d7d3edf38d32c18f73d492e25755e0a5b7d08dabd04 |
|||
font_02_sfnt_off0001c603.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x1C603 | 48312 bytes |
SHA-256: ba9f42fbaffc705dc860ae9ffad839cf33de85e6d4447b65ae0530d5bf61a2c1 |
|||
font_03_sfnt_off00023a0e.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x23A0E | 18276 bytes |
SHA-256: c11aab122a0eb992397f5fe8197613fe231f9475f752d48ecee91efab697e137 |
|||
font_04_sfnt_off000263e3.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x263E3 | 58156 bytes |
SHA-256: baaea521a91cca4912607cf63c685ec419a042e5c6045d7d4b6e1f148526b487 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.