CLEAN
6
Risk Score
Malware Insights
MITRE ATT&CK
T1059.001 JavaScript/JScript
T1204.002 Malicious File
The PDF contains embedded JavaScript, indicated by the PDF_JS heuristic. It also relates to CVE-2023-26369, a known PDF vulnerability. While the document body is unreadable, the presence of JavaScript and a CVE association strongly suggests an exploit attempt. The embedded URL, though marked as benign, is included as a potential IOC.
Machine Learning
- Nyx PDF Classifier clean score 0.0003
Heuristics 3
-
TrueType bitmap font + active content — CVE-2023-26369 related info PDF_CVE_2023_26369_RELATEDPDF embeds a TrueType font with bitmap tables (EBDT/sbix/CBDT) alongside exploit delivery indicators — CVE-2023-26369 exploits the sfac_GetSbitBitmap function in Adobe's libCoolType for arbitrary code execution. This CVE was actively exploited in the wild, but this rule does not validate the malformed EBLC/EBDT primitive.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://www.nhsbt.nhs.uk/tissueservices/aboutus/whowhereweare/ In PDF document text
- http://www.nhsbt.nhs.uk/tissueservices/pdf/products/productsheet/human_dermis.pdfIn PDF document text
- http://www.cellrighttechnologies.com/concelltrate.htmlIn PDF document text
- http://www.mtf.org/tissue_recipients.htmlIn PDF document text
- http://www.gtm-v.de/In PDF document text
- http://www.cellrighttechnologies.com/In PDF document text
- http://www.cellrighttechnologies.com/dermis.htmlIn PDF document text
- https://www.tissueregenix.com/cellright-technologies/products/amnioworksIn PDF document text
- http://www.penninehealthcare.co.uk/about-pennine/In PDF document text
- http://www.supplychainassociation.org/?page=FAQIn PDF document text
- http://www.magnetgroup.com/aboutus.htmlIn PDF document text
- https://www.vizientinc.com/what-we-doIn PDF document text
- http://www.acelity.com/products/strattice-reconstructive-tissue-matrix#tab_2In PDF document text
- http://www.credenceresearch.com/report/wound-care-marketIn PDF document text
- http://www.biomedgps.com/wound-care/In PDF document text
- http://mimedx.com/products#quicktabs-product_tabs=2In PDF document text
- http://www.primatrix.com/file-assets/primatrix-product-summary1.pdfIn PDF document text
- http://www.dermagraft.com/home/In PDF document text
- http://www.apligraf.com/professional/In PDF document text
- http://zatoka.icm.edu.pl/acclin/vol_2_issue_1/acclin_5_08_paessler2_48-60.pdfIn PDF document text
- http://www.cryolife.com/products/cardiac-allografts/cryovalve-aortic-valve/In PDF document text
- https://www.zionmarketresearch.com/news/global-prosthetic-heart-valve-marketIn PDF document text
- http://www.tissueregenix.com/In PDF document text
- http://www.fisma.org/In PDF document text
- http://www.trinitydelta.org/In PDF document text
- https://otp.tools.investis.com/clients/uk/tissueregenix1/rns/regulatory-story.aspx?newsid=985521&cid=208PDF link annotation
- http://otp.investis.com/clients/uk/tissueregenix1/rns/regulatory-story.aspx?newsid=981596&cid=208In PDF document text
- http://www.who.int/bulletin/volumes/88/11/09-074542/en/In PDF document text
- http://www.fda.gov/BiologicsBloodVaccines/TissueTissueProducts/default.htmIn PDF document text
- http://groups.molbiosci.northwestern.edu/holmgren/Glossary/Definitions/Def-X/Xenograft.htmlIn PDF document text
- http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/Overview/ClassifyYourDevice/In PDF document text
- http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/HowtoMarketYourDevice/PremarketSubmissions/PremarketNotification510k/ucm2005718.htmIn PDF document text
- http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/HowtoMarketYourDevice/PremarketSubmissions/PremarketNotification510k/ucm134571.htmIn PDF document text
- http://www.fda.gov/medicaldevices/deviceregulationandguidance/howtomarketyourdevice/premarketsubmissions/premarketapprovalpma/In PDF document text
- https://www.gov.uk/guidance/medical-devices-conformity-assessment-and-the-ce-markIn PDF document text
- https://en.wikipedia.org/wiki/Bone_tissueIn PDF document text
- https://www.britannica.com/science/cancellous-boneIn PDF document text
- https://otp.tools.investis.com/clients/uk/tissueregenix1/rns/regulatory-story.aspx?newsid=1080521&cid=208In PDF document text
- https://www.ncbi.nlm.nih.gov/pubmed/19453351In PDF document text
- http://emedicine.medscape.com/article/1298129-overviewIn PDF document text
- http://www.beckershospitalreview.com/finance/6-of-the-largest-gpos-2015.htmlIn PDF document text
- https://www.premierinc.com/about-premier/about-us/In PDF document text
- http://www.beckershospitalreview.com/finance/4-of-the-largest-gpos-2017.htmlIn PDF document text
- https://www.fss.va.gov/In PDF document text
- http://www.marketsandmarkets.com/Market-Reports/wound-care-market-371.htmlIn PDF document text
- http://coc.unm.edu/common/training/DebridementMurdoch.pdfIn PDF document text
- https://en.wikipedia.org/wiki/Negative-pressure_wound_therapyIn PDF document text
- http://www.transparencymarketresearch.com/pressrelease/tissue-engineered-skin-substitute.htmIn PDF document text
- http://www.integralife.com/index.aspx?redir=detailproduct&Product=770&ProductName=Integra%AE%20BioFix%AE%20%26%20BioFix%AE%20Plus%20Amniotic%20Membranes&ProductLineName=Soft%20Tissue%20Solutions&ProductLineID=78&PA=Upper%20ExtremityIn PDF document text
- http://synthes.vo.llnwd.net/o16/LLNWMB8/US%20Mobile/Synthes%20North%20America/Product%20Support%20Materials/Brochures/MXBRODermaMatrixAcellularJ7237F.pdfIn PDF document text
+31 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_045_off000c308c.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0xC308C | 96580 bytes |
SHA-256: a6fb5512fcf75823237b4c1534c7fb8e5cd27335283f19e04e6f3df9e878affa |
|||
stream_047_off000e9baf.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0xE9BAF | 147332 bytes |
SHA-256: db203a10509394369e59ecfb9ddcfa8a39f5c12e3c752a7b48d1b782e97d1c9d |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.