PDF static analysis report

Static analysis result for SHA-256 f67dddc913c9be0a…

CLEAN

PDF

829.5 KB First seen: 2026-05-10
MD5: 89f351d9240f0d87194048e78998494e SHA-1: 4bf82b4e55b03949d3554a6d6eb9530272b51b3b SHA-256: f67dddc913c9be0a5b1bc6306ca14b39a28b4246adabe1bbfa8a04be4ee88e5e
6 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0001

Heuristics 3

  • External URI info PDF_URI
    PDF contains an external URL action
  • Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE
    One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://core.ac.uk/recommender/redirect?url=https://trackingservice.monday.com/tracker/link?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmlnaW5hbFVybCI6Imh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbS9jb21tb24vb2F1dGgyL3YyLjAvYXV0aG9yaXplP3Njb3BlX2hpbnQ9bGlnaHRfc2NvcGUmc2Vzc2lvbl9jbGFzcz1icm9uemUmbmF2PW1pbmliYXImdXNlckZsb3dWZXJzaW9uPXYzLjAuMSZ2aWV3X3R5cGU9Y29tcGFjdCZhcGlfc2NoZW1hPXYxJmFjY2Vzc19sZXZlbD1iYXNpYyZyZXRyeV90b2tlbj1UeFJoRE9pdCZjYWNoZV9jb250cm9sPXByaXZhdGUmYnJpZ2h0bmVzc19tb2RlPWhpZ2gtY PDF link annotation
    • https://core.ac.uk/recommender/redirect?url=https://trackingservice.monday.com/tracker/link?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmlnaW5hbFVybCI6Imh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbS9jb21tb24vb2F1dGgyL3YyLjAvYXV0aG9yaXplP3Njb3BlX2hpbnQ9bGlnaHRfc2NvcGUmc2Vzc2lvbl9jbGFzcz1icm9uemUmbmF2PW1pbmliYXImdXNlckZsb3dWZXJzaW9uPXYzLjAuMSZ2aWV3X3R5cGU9Y29tcGFjdCZhcGlfc2NoZW1hPXYxJmFjY2Vzc19sZXZlbD1iYXNpYyZyZXRyeV90b2tlbj1UeFJoRE9pdCZjYWNoZV9jb250cm9sPXByaXZhdGUmYnJpZ2h0bmVzc19tb2RlPWhpZ2gtY29udHJhc3QmbWV0cmljX3Nlc3Npb25faWQ9bXNpZC0xNjc3OTg1ZS1lMGVkLTQ0MmQtOGFhMy03ODg3MjY4OTdkZjQmcmVuZGVyX21vZGU9aHlicmlkJmVuZ2luZV92YXJpYW50PW5vZGVfZXhwJmF1ZGlvX21vZGU9c3RlcmVvJnJlZ2lvbj1TRUEmZGV2aWNlX2lkPWMzYjFlMzY2LTQ4NTAtNDMzNy04YWU0LTg1YzljMTdkNzNlZCZkZXZpY2Vfb3JpZW50YXRpb249aW52ZXJ0ZWQmZXhwX2lkPWRlZXBuYXYtMzEyMCZ1dG1fc291cmNlPW91dHJlYWNoJnRyYWNraW5nX2NvZGU9UVl0UE1HWG4mYmV0YV9tb2RlPXRydWUmY29udGVudF9kZW5zaXR5PW1pbmltYWwmcmVjb3ZlcnlfbW9kZT1hc3Npc3RlZCZ0cmFja2luZ19pZD1DT05ORUNULTU1MTImaW50ZXJmYWNlX3ZhcmlhbnQ9Y29udHJhc3Qmc3VwcG9ydENvbnRhY3Q9c2VydmljZSU0MGlibS5jb20mdXRtX21lZGl1bT1lbWFpbCZkZXZpY2VNb2RlbD1HYWxheHlTMjMmZGVlcF9saW5raW5nPWZhbGxiYWNrJmlkcF92ZXJzaW9uPTQuMSZmZWF0dXJlX2ZsYWc9YWRhcHRpdmVCb29zdCZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzQSUyRiUyRmdyYXBoLm1pY3Jvc29mdC5jb20lMkZVc2VyLlJlYWQmb3NfdmVyc2lvbj1VYnVudHUyMi4wNCZwcmV2aWV3PTAmbXVsdGlfZmFjdG9yPWF1dGhlbnRpY2F0b3ImcmVuZGVyX3Byb2ZpbGU9bGl0ZSZ2YWxpZGF0aW9uX3J1bGU9c29mdCZpbnRlcmZhY2U9bW9kZXJuJmNhY2hlX21vZGU9c3RyaWN0JmludGVncmF0aW9uSUQ9QUkyMDI1LVIyJmZhbGxiYWNrX2xhbmd1YWdlPW15JnN0YXRlPTEzMTUyNTMyMjkxMTIzMTEyNzI3OTAxMjMyMTMyNjI1MjUxNTEzMzI5MTEzMjYyNCZtZWRpYV9wcmlvcml0eT1hdWRpbyZyaXNrX3Njb3JlPWxvdyZmZWF0dXJlX3BhY2s9c2VjdXJpdHkmY291bnRyeV9jb2RlPURFJmxvY2FsZT1qYS1KUCZwbGF0Zm9ybV90eXBlPXR2JmVudHJ5X3ByaW9yaXR5PWhpZ2gmaGFuZG9mZl90b2tlbj01a1Z4alRpaEgxJnBpcGVsaW5lX3N0YWdlPWNhbmFyeSZyZWY9YWRhcHRpdmUmY2xpZW50X3ZlcnNpb249djEuMjMuMCZwaXBlbGluZV9pZD1waXBlLTk5MiZ0aW1lem9uZT1Bc2lhJTJGVG9reW8mY2RuX3JlZ2lvbj1ldS1jZW50cmFsJmFkX3ZhcmlhbnQ9Y29udHJvbCZjbGllbnRfY2hhbm5lbD1pbnRlcm5hbCZzZXNzaW9uX2lkPWI2NGVmYjJkLIn document body

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_029_off000be461.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0xBE461 42912 bytes
SHA-256: 80b169987b8232d3974fd4d945366d0955e8af44b45e1dc2f59b4fa29300cf7b
Detection
ClamAV: No threats found
Obfuscation or payload: likely
Carved artifact contains 8 long base64-like blob(s).
icc_00_off000bbbd5.icc pdf-icc-profile PDF ICC profile at offset 0xBBBD5 536 bytes
SHA-256: d9f822e8083f2f4d1c91e887454be5f75e8c7144b2853408f361e3c4a7a6b36d
icc_01_off000bbd4a.icc pdf-icc-profile PDF ICC profile at offset 0xBBD4A 512 bytes
SHA-256: b16df85b4eeb41adae485a2421bf2b813f79efe92756c9cd58713084dfd1083f