CLEAN
24
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0070
Heuristics 3
-
Document signing service impersonation lure medium SE_DOCUSIGN_LUREDocument impersonates DocuSign, Adobe Sign, or a similar signing service in a signing-request context
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://insidesales-email.com/l/1/17013924/Y/useast1-a-2022.08.23-17968506/1/ab/qRKMXSxLNNykbRYfIp4Gi7TtvHi3kRNCe0u7vsUxSps?lnk=https://share-eu1.hsforms.com/176T8k3N9Q562OEEfhS22Fg2ebzvj PDF link annotation
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
Extracted artifacts 4
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_002_off00002893.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x2893 | 9884 bytes |
SHA-256: bb130886bce256025efbea8283a111b4f8aeb77e42238b195039161b7c2a7614 |
|||
font_00_sfnt_off00000fae.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xFAE | 9136 bytes |
SHA-256: 1f841dc9da1c5355ef66d614582126b61c1187be167595cf49a6f15ee836f982 |
|||
font_02_sfnt_off00004218.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x4218 | 14116 bytes |
SHA-256: b86c111dffc528bf345732086a7fb8bd890fd7b4e70a7bf410c7e456d3cc71b1 |
|||
font_03_sfnt_off000058c4.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x58C4 | 16088 bytes |
SHA-256: 43f796d449ad582cf81553743a3c5b62128bfbef4bb6aa37c2dbcd2c87cad878 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.