PDF static analysis report

Static analysis result for SHA-256 be4ec270827fa0b2…

SUSPICIOUS

PDF

130.2 KB Created: 2022-06-10 01:32:46 +02:00 Authoring application: garshow (via PDF Master 1.0.1) First seen: 2022-07-15
MD5: eb6a199abaf7fef49807ab4317041a20 SHA-1: 03c6bb4110359e2da936b4beade3454195dcbbaf SHA-256: be4ec270827fa0b24f422c3dbf35362be6008836af4a244633d2e43118ee1920
34 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0073

Heuristics 3

  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://evacdir.com/unnecessary.blakes?ZG93bmxvYWR8N29ZYUhGaGMzeDhNVFkxTkRjNE1EYzROM3g4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk=buffaloes/denned/comsume.R29vZ2xlIFNrZXRjaFVwIFBybyAyMDIwIENyYWNrIFNlcmlhbCBDb2RlIEZyZWUgRG93bmxvYWQgW0xhdGVzdF0R29.etiology.insufficiency PDF link annotation
    • https://maedchenflohmarkt-ilmenau.de/full-robot-structural-analysis-professional-2019-crack-new/In PDF document text
    • https://endersfamilyblog.com/free-download-kamasutra-book-in-urdu-language/In PDF document text
    • http://www.studiofratini.com/sinaprog-free-download-for-windows-7-82-__full__/In PDF document text
    • https://stark-headland-81067.herokuapp.com/Adobe_After_Effects_Cs5_Amtlibdll_Crack_Mega.pdfIn PDF document text
    • https://polar-dusk-44273.herokuapp.com/examenes_psicometricos_laborales_gratis_pdf_24.pdfIn PDF document text
    • https://www.atlaspain.it/one-piece-recap-ova-download-_top_/In PDF document text
    • https://beautysecretskincarespa.com/2022/06/10/adobe-acrobat-xi-pro-11-0-22-final-crack-__link__-serial-key/In PDF document text
    • http://freemall.jp/autocad-2018-x64-32x64bit-product-key-and-xforce-_best_-keygen-keygen.htmlIn PDF document text
    • https://jgbrospaint.com/2022/06/09/hoja-de-presentacion-uasd-pdfl/In PDF document text
    • https://sketcheny.com/2022/06/10/antares-autotune-vst-v5-09-t-pain-software-sound-like-t-pain/In PDF document text
    • https://wilsonvillecommunitysharing.org/descargar-crack-no-cd-de-battlefield-2/In PDF document text
    • http://www.eventogo.com/?p=200363In PDF document text
    • https://polar-taiga-07904.herokuapp.com/Archshaders_Vol_4_Torrent_Downloadl.pdfIn PDF document text
    • https://intense-sierra-25773.herokuapp.com/Mozabook_Full_Version_Downloads_Torrent.pdfIn PDF document text
    • https://desolate-hollows-66523.herokuapp.com/Adobe_Photoshop_CC_2017_V1801_x86x64_Incl_Crack_Full_Version.pdfIn PDF document text
    • https://anchitspace.com/2022/06/09/apex-true-dbinput-pro-6-0-crack/In PDF document text
    • http://www.gambians.fi/paint-tool-sai-full-version-free-download-no-trial-76/healthy-diet/In PDF document text
    • https://www.2el3byazici.com/fspassengers-x-tested-and-working-fitgirl-repack-patched/In PDF document text
    • http://montehogar.com/?p=11960In PDF document text
    • http://malenatango.ru/vray-3-6-for-sketchup-2018-crack-cracked-latest-full-version-download/In PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text

Extracted artifacts 2

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_003_off00000f8c.js decompressed-pdf-stream PDF FlateDecoded stream at offset 0xF8C 4970 bytes
SHA-256: 4c4f9a9a6089f1150a4ab734d38e646e650d9f3547b8df4f7e18b60ec4d9f16d
stream_007_off00002612.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x2612 120140 bytes
SHA-256: a217f12862e0ff75203bdd4136ca0d68471050be46bb09aed5306898926ffdd4