PDF static analysis report

Static analysis result for SHA-256 beb58a4a292dba63…

CLEAN

PDF

231.8 KB Created: 2025-07-21 20:01:48 +00:00 Authoring application: Canva (Renderer mixed) First seen: 2025-07-22
MD5: 6e9196ae85784086085c020eda9323bb SHA-1: e211d2ec323387e872c0f579c0cd1bfc0d2e7a09 SHA-256: beb58a4a292dba6398bb009d56fc841692b16fac336ef0ce5131350522d2fba5
22 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0001

Heuristics 2

  • Clickable URI uses URL shortener medium PDF_URL_SHORTENER_URI
    PDF contains a clickable HTTP(S) action whose destination is a URL shortener. This hides the final landing page from static review and is common in phishing redirect PDFs.
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://cutt.ly/LrRlsb0G In PDF document text

Extracted artifacts 2

Files carved from inside the sample during analysis.

FilenameKindSourceSize
icc_00_off00028936.icc pdf-icc-profile PDF ICC profile at offset 0x28936 536 bytes
SHA-256: d9f822e8083f2f4d1c91e887454be5f75e8c7144b2853408f361e3c4a7a6b36d
font_00_sfnt_off0002bc21.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x2BC21 6764 bytes
SHA-256: f657d073a4969ee45a39271b1fff81696071dbebeab33ce11419dba486b48f7c