PDF static analysis report

Static analysis result for SHA-256 a183043467e8ee3d…

CLEAN

PDF

10.82 MB First seen: 2024-11-24
MD5: 4220c2853d0270d57be2750b458dd3ad SHA-1: 87f89f7907c8da681480b54fc69b9fb6e46a2efa SHA-256: a183043467e8ee3dca5b609cc297b16978806da374d081bd9203119f14873214
22 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0407

Heuristics 2

  • Unusually high stream count medium PDF_MANY_STREAMS
    PDF contains 501+ stream objects — may indicate heap spray or heavy obfuscation
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.w3.org/1999/02/22-rdf-syntax-ns# In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://ns.adobe.com/xap/1.0/sType/ResourceRef#In PDF document text
    • http://ns.adobe.com/xap/1.0/sType/ResourceEvent#In PDF document text
    • http://ns.adobe.com/illustrator/1.0/In PDF document text
    • http://ns.adobe.com/xap/1.0/t/pg/In PDF document text
    • http://ns.adobe.com/xap/1.0/sType/Dimensions#In PDF document text
    • http://ns.adobe.com/xap/1.0/sType/Font#In PDF document text
    • http://ns.adobe.com/xap/1.0/g/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/exif/1.0/In PDF document text

Extracted artifacts 22

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_157_off00a35632.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0xA35632 87104 bytes
SHA-256: 99ee9b38e3d8c188b94a74ce5a6db0fa05ef69a84780345f478c99a3dd85ceed
stream_160_off00a5a655.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0xA5A655 81552 bytes
SHA-256: fe7ee776fe1234f489d025be486def12e90b346228e763bf9fbe5b34d8606410
font_00_cff_off003834d5.bin pdf-font-stream PDF embedded font (cff) at offset 0x3834D5 314 bytes
SHA-256: b3cfacfa639ecc6903c7e29ba3c8260b1a52c715a4b43c917f7232ca8ffcb064
font_01_cff_off0074520c.bin pdf-font-stream PDF embedded font (cff) at offset 0x74520C 3028 bytes
SHA-256: 7a8c7ded9ef61f9d21a254d605734976dcb413061c2d717f16ebf42623969a40
font_02_cff_off0099d2be.bin pdf-font-stream PDF embedded font (cff) at offset 0x99D2BE 201 bytes
SHA-256: 056ae485661593d9b1c1b8b4b6ba050863bd7988c00aa1138300adeb4c557d52
font_03_cff_off009acc0e.bin pdf-font-stream PDF embedded font (cff) at offset 0x9ACC0E 297 bytes
SHA-256: a497aa1cb87afabb955774f7f00236f4427d44860960f5104630dd883bb954e4
font_04_cff_off009f93da.bin pdf-font-stream PDF embedded font (cff) at offset 0x9F93DA 1997 bytes
SHA-256: 6b3ee8eb17d576b317b8094412120b333c0402f7b85ad36aa95615b4b29ec682
font_05_cff_off009f9da5.bin pdf-font-stream PDF embedded font (cff) at offset 0x9F9DA5 1858 bytes
SHA-256: dccf591e5bbb98361a0126b5635c36718fd43fe674839244e44d146a2cc1c1ac
font_06_cff_off009fa71a.bin pdf-font-stream PDF embedded font (cff) at offset 0x9FA71A 383 bytes
SHA-256: ecd16a8bfec0d26f64fb5c8184f217aa8202ceeec18b8669edb096bb9c216a3c
font_07_sfnt_off00a15ae7.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xA15AE7 6892 bytes
SHA-256: f87fcd3eedd059e4e000d7656d89e60db0fc97ff542c59a3fb720aded9c25c6e
font_08_cff_off00a16f64.bin pdf-font-stream PDF embedded font (cff) at offset 0xA16F64 1944 bytes
SHA-256: 849f13ab9635d5ba83e8a6a770c42d6c2ce9acb9b73b75efdb96ecfd5dc9417b
font_09_cff_off00a1decd.bin pdf-font-stream PDF embedded font (cff) at offset 0xA1DECD 6214 bytes
SHA-256: 10018aa051981e94e08ce79c1f11eecc3d887a7f741e6460fb0dc2e5d79d6987
font_10_cff_off00a219cc.bin pdf-font-stream PDF embedded font (cff) at offset 0xA219CC 797 bytes
SHA-256: 32c4d957278cb97573f3b2950c53e9dc2bfdf661fc2848d0255ee40e07b64c8d
font_11_cff_off00a225ab.bin pdf-font-stream PDF embedded font (cff) at offset 0xA225AB 376 bytes
SHA-256: 74560f81350fce271a33e843976929d0346bd0898758af32f29151fe150c8e0a
font_12_cff_off00a25866.bin pdf-font-stream PDF embedded font (cff) at offset 0xA25866 3042 bytes
SHA-256: fa7fa7a1b864e003be8c4b5cb4a88a3f70b78c2aa67a2f8f63d253fa1f893cfe
font_13_cff_off00a264e6.bin pdf-font-stream PDF embedded font (cff) at offset 0xA264E6 238 bytes
SHA-256: 390f5fbda23a287a3d19592a997893f79f7e14281f7c549e3b74f4e739390ffb
font_14_cff_off00a29b1a.bin pdf-font-stream PDF embedded font (cff) at offset 0xA29B1A 1771 bytes
SHA-256: d75b104b2fad4e93307eb7ed5716743a8f8520be47a379dc342c289c0513bd05
font_15_cff_off00a2c60a.bin pdf-font-stream PDF embedded font (cff) at offset 0xA2C60A 1898 bytes
SHA-256: ae865475b3892675adb9da3f476fa78d7ffe0dcaf1858732c6da6f5dec337d78
font_16_cff_off00a31eb1.bin pdf-font-stream PDF embedded font (cff) at offset 0xA31EB1 710 bytes
SHA-256: f9df7eedb7a4cd57ee5a8953019b3dfb91ef77914987415ba41b4ddd740261d8
font_17_cff_off00a32286.bin pdf-font-stream PDF embedded font (cff) at offset 0xA32286 1128 bytes
SHA-256: 75fb54e3d647f3a2cc353bfb94be6b9ebe37f3434ea59d006a64f3f6b50974d8
font_18_sfnt_off00a3f9d6.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xA3F9D6 69332 bytes
SHA-256: 8d53881564351e0787358b06ea2aeb2be52003b826a53df96b7a6023d64567a2
font_19_sfnt_off00a47982.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xA47982 14452 bytes
SHA-256: ed191c00dbe78c15a1002a8e04c03b784289b19f7a74743c2cef6ff20f28fc28