PDF static analysis report

Static analysis result for SHA-256 b3834ebbbcedd231…

CLEAN

PDF

1.20 MB Created: 2008-06-09 16:49:14 UTC Authoring application: FrameMaker 7.2 (via Acrobat Distiller 8.1.0 (Windows)) First seen: 2026-05-09
MD5: eff999edb2b7c04d98024fc0892d02ec SHA-1: 8a2babf7c36cf20cdd1692d27c2f3f8ab4b2598d SHA-256: b3834ebbbcedd2319dd7b05bce6d8b792ed0c028e072314210fad442c9920a1e
8 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0017

Heuristics 4

  • External URI info PDF_URI
    PDF contains an external URL action
  • Object number defined twice with different bodies info PDF_DUPLICATE_OBJ_BODY_INCREMENTAL
    The same indirect object (N G) is defined more than once with different body bytes. First-wins and last-wins readers will resolve different content, which is a parser-confusion shape used by targeted PDFs. Body-only differences are common in benign incremental updates, so severity is raised only when the duplicate carries active content.
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://www.altera.com)/S/URI In PDF document text
    • http://www.altera.com/literature/hb/stx2gx/stxiigx_sii52002.pdfPDF link annotation
    • http://www.altera.com/literature/ug/ug_slite2.pdfIn PDF document text
    • http://www.altera.com/literature/hb/stx2gx/stxiigx_sii52002.pdf)/S/URIIn PDF document text
    • http://www.altera.com/literature/ug/ug_slite2.pdf)/S/URIIn PDF document text
    • http://www.altera.com/support)/S/URIIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/pdfx/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.iec.chIn PDF document text

Extracted artifacts 11

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_020_off00072e0a.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x72E0A 1858560 bytes
SHA-256: a77a0d96fd9ff608a30c981918b565ccd44158f0b940e8573a7ba0de2b8d56a0
icc_00_off00003a72.icc pdf-icc-profile PDF ICC profile at offset 0x3A72 3144 bytes
SHA-256: 2b3aa1645779a9e634744faf9b01e9102b0c9b88fd6deced7934df86b949af7e
font_00_cff_off00002cd1.bin pdf-font-stream PDF embedded font (cff) at offset 0x2CD1 314 bytes
SHA-256: bc0026667970b9e6843250840e0950409483aa904cb9444abe44c3ed7fed7178
font_01_cff_off000044ef.bin pdf-font-stream PDF embedded font (cff) at offset 0x44EF 4686 bytes
SHA-256: 2ae731d47aff698afe05095ba087053a645baafaefbf65b2f2e5a715da5b9203
font_02_cff_off00005556.bin pdf-font-stream PDF embedded font (cff) at offset 0x5556 3646 bytes
SHA-256: b74a6515aab0de88b596de3c57f19f9a47c6a95595b7b520a67415ccce2da733
font_03_cff_off000061b2.bin pdf-font-stream PDF embedded font (cff) at offset 0x61B2 4812 bytes
SHA-256: 39e93f47d563f8bb267bcaa0123e0574a81fc1d8dab6906754c1f02c9788a279
font_04_cff_off000071c3.bin pdf-font-stream PDF embedded font (cff) at offset 0x71C3 10520 bytes
SHA-256: 71ec30436024995b73fcab4c53068bd7e15e93520f16b5417e0cd6962cdff90a
font_05_cff_off001264f3.bin pdf-font-stream PDF embedded font (cff) at offset 0x1264F3 1327 bytes
SHA-256: 312d938216a57afc9487a22dca98fc20b1c328b27a44b5f57a10854627e0592a
font_06_cff_off0012706d.bin pdf-font-stream PDF embedded font (cff) at offset 0x12706D 2812 bytes
SHA-256: aa2f664bb15ffd5314037c6c34571cfc726e8e6ddfa903f6b6ae5187a115d4d3
font_07_cff_off00127e93.bin pdf-font-stream PDF embedded font (cff) at offset 0x127E93 5821 bytes
SHA-256: 676c08a6d142b125f672d1829bde7c2469a1808765ed825c388e0bf432647dea
font_08_cff_off00128f0f.bin pdf-font-stream PDF embedded font (cff) at offset 0x128F0F 5679 bytes
SHA-256: ef840ad852a6c31f17995de04b535f836bdad79b1dc97b96717e63b212448ad0
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact entropy is 7.40, consistent with packed or encrypted content.