Malicious PDF — malware analysis report

Static analysis result for SHA-256 c5d4ceb73e883ed1…

MALICIOUS

PDF

128.1 KB Created: 2022-07-05 08:45:57 +00:00 Authoring application: keihugo (via PDF Master 1.0.1) First seen: 2026-06-27
MD5: 8b7676180076dc5a98cb01bd2838953e SHA-1: ce4693e711c5d7dedeac66dfbd52c6492736279b SHA-256: c5d4ceb73e883ed106287b216e5f1a15a99a6bd4e97a8fc62434e6d3c626cef5
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0087

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://hardlyfind.com/rouse.movin?UGhvdG9zaG9wIDIwMjIgKHZlcnNpb24gMjMpUGh=/storage/ZG93bmxvYWR8N1ZFT1hobU4zeDhNVFkxTmprNE1UVXdOSHg4TWpVNE4zeDhLRTBwSUVobGNtOXJkU0JiUm1GemRDQkhSVTVk/soared/surreptitiously PDF link annotation
    • https://www.touchegraphik.com/wp-content/uploads/2022/07/Photoshop_2021_Version_225_Free_Download.pdfIn PDF document text
    • https://fortunetravelsbd.com/wp-content/uploads/2022/07/Photoshop_2021_version_22.pdfIn PDF document text
    • https://www.olivegin.com/wp-content/uploads/2022/07/Photoshop_2021_Version_2242_Crack__Serial_Number__April2022.pdfIn PDF document text
    • https://viajacomolocal.com/wp-content/uploads/2022/07/antbald.pdfIn PDF document text
    • https://thewaterdude.com/wp-content/uploads/2022/07/itefin.pdfIn PDF document text
    • https://www.bywegener.dk/wp-content/uploads/2022/07/Adobe_Photoshop_2021_Version_223.pdfIn PDF document text
    • https://mymiddlevilledda.com/wp-content/uploads/2022/07/finndaph.pdfIn PDF document text
    • https://nalanda.tv/wp-content/uploads/2022/07/Photoshop_2020_version_21_Serial_Number__Free_Download_March2022.pdfIn PDF document text
    • https://www.yunusbasar.com/wp-content/uploads/2022/07/Photoshop_2021_Version_2251_Free_Download.pdfIn PDF document text
    • https://williamssyndromecincinnati.org/wp-content/uploads/2022/07/bailyude.pdfIn PDF document text
    • https://www.cdnapolicity.it/wp-content/uploads/2022/07/Photoshop_2021_Version_2210-4.pdfIn PDF document text
    • https://cawexo.com/wp-content/uploads/2022/07/Adobe_Photoshop_2021_Version_222_Keygen_Full_Version_For_PC_Latest_2022.pdfIn PDF document text
    • https://esport-ready.com/wp-content/uploads/2022/07/Adobe_Photoshop_CC_2015_Version_18_Install_Crack__Serial_Key_Free_Download_March2022.pdfIn PDF document text
    • https://mitiflowers.com/wp-content/uploads/2022/07/Adobe_Photoshop_CC_2015_version_17.pdfIn PDF document text
    • http://freemall.jp/wp-content/uploads/2022/07/Photoshop_2021_Version_2243_Key_Generator___Free_Download_Latest.pdfIn PDF document text
    • https://verasproperties.com/wp-content/uploads/2022/07/Photoshop_2022_Version_230_Nulled__Serial_Number_Full_Torrent_Free_Updated2022.pdfIn PDF document text
    • https://citizenrelocations.com/wp-content/uploads/2022/07/Photoshop_2022_Version_2341_3264bit_Updated_2022.pdfIn PDF document text
    • https://it-labx.ru/wp-content/uploads/2022/07/Photoshop_2021_Version_2231_With_License_Code_Free_Download.pdfIn PDF document text
    • https://www.touchegraphik.com/wp-In PDF document text
    • https://www.olivegin.com/wp-In PDF document text
    • https://nalanda.tv/wp-content/uploads/2022/07/Photoshop_2020_version_21_Serial_Number__Free_DIn PDF document text
    • https://www.yunusbasar.com/wp-In PDF document text
    • https://cawexo.com/wp-content/uploads/2022/07/Adobe_Photoshop_2021_Version_222_Keygen_Full_In PDF document text
    • https://esport-ready.com/wp-content/uploads/2022/07/Adobe_Photoshop_CC_2015_Version_18_InstallIn PDF document text
    • http://freemall.jp/wp-content/uploads/2022/07/Photoshop_2021_Version_2243_Key_Generator___FreeIn PDF document text
    • https://verasproperties.com/wp-content/uploads/2022/07/Photoshop_2022_Version_230_Nulled__SeriIn PDF document text
    • https://citizenrelocations.com/wp-In PDF document text
    • https://it-labx.ru/wp-In PDF document text
    • http://tamquiqui.yolasite.com/resources/Adobe-Photoshop-2021-Crack-Full-Version--With-Full-Keygen-Free-For-PC.pdfIn PDF document text
    • https://wakelet.com/wake/aGpn9vcekw3JPuKBNI735In PDF document text
    • https://muthorighnewpna.wixsite.com/agsapeho/post/photoshop-2021-version-22-5-crack-full-version-full-version-free-downloadIn PDF document text
    • https://wakelet.com/wake/GRtGq0KpJcDYnBZm4pY9MIn PDF document text
    • http://limoti.yolasite.com/resources/Photoshop-2022-version-23-License-Key-Full-3264bit-Latest2022.pdfIn PDF document text
    • https://itosrewenkindwelth.wixsite.com/ceimutamon/post/photoshop-2021-version-22-3-keygen-crack-serial-key-license-key-full-mac-winIn PDF document text
    • https://secureservercdn.net/198.71.233.106/h43.6e7.myftpupload.com/wp-content/uploads/2022/07/Photoshop_2021_Key_Generator__Keygen_Free_X64_2022.pdf?time=1657010306In PDF document text
    • https://moqaf9.wixsite.com/dvacenefvi/post/photoshop-2021-version-22-1-1-activation-freeIn PDF document text
    • https://trello.com/c/OejzLgvU/40-adobe-photoshop-2022-version-232-with-serial-keyIn PDF document text
    • https://chrisnesreijusgast.wixsite.com/ringboburde/post/adobe-photoshop-2021-version-22-0-1-crack-patch-patch-with-serial-key-download-x64In PDF document text
    • https://wrigudethgagardia.wixsite.com/tarockberla/post/photoshop-2021-version-22-2-latest-2022In PDF document text
    • https://trello.com/c/kROWtHXl/174-adobe-photoshop-2021-version-2211-keygenexe-serial-key-freeIn PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://tamquiqui.yolasite.com/resources/Adobe-Photoshop-2021-Crack-Full-Version--With-Full-Keygen-In PDF document text
    • https://muthorighnewpna.wixsite.com/agsapeho/post/photoshop-2021-version-22-5-crack-full-version-In PDF document text
    • http://limoti.yolasite.com/resources/Photoshop-2022-version-23-License-Key-Full-3264bit-In PDF document text
    • https://itosrewenkindwelth.wixsite.com/ceimutamon/post/photoshop-2021-version-22-3-keygen-crack-In PDF document text
    • https://secureservercdn.net/198.71.233.106/h43.6e7.myftpupload.com/wp-content/uploads/2022/07/In PDF document text
    • https://chrisnesreijusgast.wixsite.com/ringboburde/post/adobe-photoshop-2021-version-22-0-1-crack-In PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    +8 more URL(s)

Extracted artifacts 2

Files carved from inside the sample during analysis.

FilenameKindSourceSize
font_00_sfnt_off00002da0.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x2DA0 84508 bytes
SHA-256: 2b7ba551bea82cc3307397981c1dbeb1b78486f95f2eb14e5e58d4e1b24edb0c
font_01_sfnt_off0000b58c.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xB58C 83036 bytes
SHA-256: 6d13e73e85a502a13969f6a5eaecd0b275a0868c045f80b7d64ed55d70678261

Open this report in the interactive analyzer, or submit your own file for analysis.