Malicious PDF — malware analysis report

Static analysis result for SHA-256 af26c48fcd59c9cc…

MALICIOUS

PDF

141.4 KB Created: 2022-07-26 01:48:35 +00:00 Authoring application: gwenwer (via PDF Master 1.0.1) First seen: 2026-06-22
MD5: be8336860f575ef20687cf3c1b1a3f07 SHA-1: 5e7b6117862a217b9d053803869b3f42c0e8bd7b SHA-256: af26c48fcd59c9ccb38417a498ded5103dfd36b6dfbb258abe7a3e8d59e18c35
102 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0006

Heuristics 5

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://mydrugdir.com/matriko/metropolis.guangan/ZG93bmxvYWR8TVcwZHpBNGJIeDhNVFkxT0RJeE9EazROWHg4TWpVNU1IeDhLRTBwSUZkdmNtUndjbVZ6Y3lCYldFMU1VbEJESUZZeUlGQkVSbDA/pompousness/ponson/U2lnbWEgS2V5IENyYWNrZWQU2l/soulmate.twaddle PDF link annotation
    • http://sturgeonlakedev.ca/wp-content/uploads/2022/07/opel_vin_decoder_download_crack_1.pdfIn PDF document text
    • https://togetherwearegrand.com/dvd-x-studios-clonedvd-v5-0-0-3-te-crack-new/In PDF document text
    • http://increate.net/wp-content/uploads/2022/07/alahedd.pdfIn PDF document text
    • https://helpmefinancials.com/lview-pro-2006-x64-repack-crack-cocaine/In PDF document text
    • http://yotop.ru/2022/07/26/eset-nod32-antivirus-smart-security-v-10-1-235-1-crackzsoft-serial-key-keygen-hot/In PDF document text
    • https://parsiangroup.ca/2022/07/super-pose-book-nudity-reference-book-vol-1-verified/In PDF document text
    • https://lutce.ru/wp-content/uploads/2022/07/the_thieves_korean_movie_eng_subtitle_top_download.pdfIn PDF document text
    • http://www.7daystobalance.com/advert/higher-engineering-mathematics-by-bs-grewal-pdf-42nd-edition-free-60-best/In PDF document text
    • http://marqueconstructions.com/wp-content/uploads/2022/07/markuala.pdfIn PDF document text
    • https://www.ibjf.at/wp-content/uploads/2022/07/micrografx_designer_901.pdfIn PDF document text
    • https://hominginportland.com/truecafe-4-6-crack-new-rar/In PDF document text
    • http://modiransanjesh.ir/silicon-image-sil1364-orion-add2-n-dvi-driver-new/In PDF document text
    • https://photognow.com/wp-content/uploads/2022/07/Avatar_Tamil_Dubbed_Movie_Free_Download_Hd_TOP.pdfIn PDF document text
    • https://brinke-eq.com/advert/dbx-to-pst-converter-crack-new-free-11/In PDF document text
    • https://afrisource.org/mujhse-shaadi-karogi-2-hd-movie-download-720p-movies-better/In PDF document text
    • http://lcl20oesph.org/?p=6902In PDF document text
    • http://dottoriitaliani.it/ultime-notizie/rimedi-naturali/hum-dono-1961-full-movie-in-colour-download-19-free/In PDF document text
    • https://4w15.com/samsung-clone-s10-plus-flash-file-mt6580-8-1-firmware-stock-rom/In PDF document text
    • https://www.touchegraphik.com/wp-content/uploads/2022/07/vaugjere.pdfIn PDF document text
    • https://tcgworldwide.org/wp-content/uploads/2022/07/Aams_Auto_Audio_Mastering_System_Keygen_FREE_36.pdfIn PDF document text
    • http://yotop.ru/2022/07/26/eset-nod32-antivirus-smart-security-v-10-1-235-1-crackzsoft-serial-key-In PDF document text
    • https://lutce.ru/wp-In PDF document text
    • http://www.7daystobalance.com/advert/higher-engineering-mathematics-by-bs-grewal-pdf-42nd-In PDF document text
    • https://photognow.com/wp-In PDF document text
    • http://dottoriitaliani.it/ultime-notizie/rimedi-naturali/hum-dono-1961-full-movie-in-colour-In PDF document text
    • https://tcgworldwide.org/wp-In PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.