PDF malware analysis — malicious · d1ac6cd50d950417

MALICIOUS

PDF

1.02 MB Created: 0I*MÙJÖ¡Ü×îâ¯ó_Ô Authoring application: "lØ])ÅFöùù¼ûúOÓäpXßäßd¨2OÀZ>ÇùÃ±È!]r1øí,J·µØ<´Ã»Lì§uvÆÉ=±lýðönmb (via '}þXFÌÄ½ÞÌàúúµ@´mYÓÂtøIz\ lÕþÈÿ+tS6n©£p<3&õ) First seen: 2026-05-11

MD5: c6f0ff0559a80aa83cfcbe5efec6f5f7 SHA-1: 52a31fa269de7e8f9105c43d66db13927776761e SHA-256: d1ac6cd50d950417fa8e75e20ceb78c120bf6a735504d0f9957d0f645d42d1cb

86 Risk Score

Malware Insights

MITRE ATT&CK

T1059.001 PowerShell

The PDF file is encrypted and contains no readable text, making its direct purpose unclear. However, the presence of JBIG2 encoded streams, particularly a large one, suggests an attempt to hide content. The file's SHA256 hash is included as a primary IOC. Without further analysis of the JBIG2 streams or any potential embedded scripts, the exact attack pattern and family remain uncertain.

Machine Learning

Nyx PDF Classifier clean score 0.0096

Heuristics 5

PDF JavaScript exploit cluster critical PDF_JS_EXPLOIT_CLUSTER

PDF combines an executable JavaScript/action surface with exploit staging indicators such as eval/unescape/fromCharCode, XFA script content, or a related CVE pattern. Benign form JavaScript remains low-severity, but this correlated cluster is high-confidence malicious behavior.
JBIG2Decode filter medium PDF_JBIG2

JBIG2 image decoder present — historically used in zero-click exploits
Encrypted PDF (string and stream contents are opaque to static scan) info PDF_ENCRYPTED

PDF declares /Encrypt — string objects and stream contents are encrypted with the standard security handler (RC4 or AES). On its own this is informational; legitimate encrypted documents include signed contracts, billing statements, and rights-managed material. Static heuristics cannot inspect encrypted payload bytes.
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGE

One or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
URL http://www)92(.westciv)92(.com/ Referenced by PDF JavaScript
- http://webdevfoundations.nReferenced by PDF JavaScript
- http://webdevfoundations.net/Referenced by PDF JavaScript
- http://www)92(.colr)111(.org)-306(toReferenced by PDF JavaScript
- http://colorsontheweb.com/colorwizard.asp)TjReferenced by PDF JavaScript
- http://www)92(.leestreet.com/QuickColor)111(.swfReferenced by PDF JavaScript
- http://colorschemedesigner)111(.com/Referenced by PDF JavaScript
- http://www)92(.colorjack.com/articles/color_formulas.htmlReferenced by PDF JavaScript
- http://www)92(.vischeck.com/vischeck/Referenced by PDF JavaScript
- http://www)92(.vischeck.com/vischeck/vischeckURL.php)-306(toReferenced by PDF JavaScript
- http://webdevfoundations.net/color)-306(pr)18(ovidesReferenced by PDF JavaScript
- http://thecounter)111(.com)-306(indicateReferenced by PDF JavaScript
- http://www)92(.ampsoft.net/webdesign-l/W)18(indowsMacFonts.htmlReferenced by PDF JavaScript
- http://www)92(.webaimReferenced by PDF JavaScript
- http://echoecho.com/cReferenced by PDF JavaScript
- http://www)92(.webdevfoundations.net)-306(forReferenced by PDF JavaScript
- http://positioniseverything.net)TjReferenced by PDF JavaScript
- http://www)92(.dezwozhere.com/links.htmlReferenced by PDF JavaScript
- http://www)92(.echoecho.com/css.htmReferenced by PDF JavaScript
- http://www)92(.davesite.com/webstation/css/Referenced by PDF JavaScript
- http://www)92(.my-photoshop.com/bydesign/id-tutorials/color)55(-psychology)92(.htmlReferenced by PDF JavaScript
- http://www)92(.colormatters.com/colortheory)92(.htmlReferenced by PDF JavaScript
- http://colortheory)92(.liquisoft.com/Referenced by PDF JavaScript
- http://www)92(.digital-web.com/articles/color_theory_for_the_colorblind/Referenced by PDF JavaScript
- http://colorschemer)111(.com/schemes/Referenced by PDF JavaScript
- http://www)92(.colr)111(.orgReferenced by PDF JavaScript
- http://ppdf.phoenix.edu/ProtectedPdf/v2Referenced by PDF JavaScript
- http://www)92(.csszengarden.comReferenced by PDF JavaScript
- http://www)92(.w3.org/Style/Referenced by PDF JavaScript
- http://reference.sitepoint.com/css)-306(andReferenced by PDF JavaScript
- http://meyerweb.com/eric/tools/color)55(-blend)-306(toReferenced by PDF JavaScript
- http://kuler)111(.Adobe.comReferenced by PDF JavaScript
- http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtdReferenced by PDF JavaScript
- http://www.w3.org/1999/xhtmlReferenced by PDF JavaScript
- http://meyerweb.com/eric/tools/colReferenced by PDF JavaScript
- http://jigsaw)55(.w3.org/css-validatorReferenced by PDF JavaScript
- http://www)92(.w3.org/TR/REC-CSS2/fonts.htmlReferenced by PDF JavaScript
- http://jigsaw)92(.w3.org/css-validator/Referenced by PDF JavaScript
- http://www)92(.w3schools.com/css/Referenced by PDF JavaScript
- http://www)92(.w3.org/Style/CSS/Referenced by PDF JavaScript
- http://www)92(.infoplease.com/spot/colors1.htmlReferenced by PDF JavaScript
- http://coe.sdsu.edu/eet/Articles/wadecolor/start.htm)TjReferenced by PDF JavaScript
- http://iit.bloomu.edu/vthc/Design/psychology)92(.htmReferenced by PDF JavaScript
- http://meyerweb.com/eric/tools/color)55(-blendReferenced by PDF JavaScript
- http://kuler)111(.adobe.com/Referenced by PDF JavaScript
- http://jigsaw)92(.w3.org/css-validatorReferenced by PDF JavaScript
- https://ppdf.phoenix.edu/ProtectedPdf/v2In PDF document text
- http://www.iec.chIn PDF document text

Extracted artifacts 32

Files carved from inside the sample during analysis.

Filename	Kind	Source	Size
`javascript_obj0098_003.js`	pdf-javascript-stream	PDF /JS object 98 at offset 0x9A0C	63 bytes
SHA-256: `124e5a69dd65c776fedcd9dd2c2c8da294be8e178f606114dce0c20ee82e47d8`
Preview script First 1,000 lines of the extracted script if (typeof fx != 'undefined' && typeof fx == 'function'){fx();}
`javascript_obj0144_006.js`	pdf-javascript-stream	PDF /JS object 144 at offset 0xD63C	66542 bytes
SHA-256: `5bb80e13d8f79a31f38184b1806e13c548d3ed1ca194b19c903dfe5c41e6d613`
Preview script First 1,000 lines of the extracted script �� f u n c t i o n p p d f O n I n i t i a l i z e ( ) { g _ p r e f e r e n c e s = p _ a l e r t o n u n l o c k \| p _ s h o w p a s s w o r d \| p _ a l e r t o n f a i l e d s e l f u n l o c k ; } v a r x = " 2 0 1 0 - 6 - 4 ( V e r s i o n 2 . 6 . 0 B u i l d 2 . 0 . 7 . 3 6 ) " ; v a r q = " h t t p s : / / p p d f . p h o e n i x . e d u / P r o t e c t e d P d f / v 2 " ; v a r a o = 1 0 0 0 * 6 0 * 6 0 * 2 4 ; v a r e c = f a l s e ; v a r e w = 6 ; v a r b g = 0 ; v a r c q = f a l s e ; v a r d j = n u l l ; v a r d n = f a l s e ; v a r d f = f a l s e ; v a r d s = n u l l ; v a r d w = ' W H A T A R E Y O U L O O K I N A T ? ' ; v a r e a = f a l s e ; v a r f w = f a l s e ; v a r f v = t r u e ; v a r g i = n u l l ; v a r F A = f a l s e ; v a r g _ f i e l d _ n a m e _ t r e e = n e w O b j e c t ( ) ; g _ f i e l d _ n a m e _ t r e e [ " b o o m . f o r m . r e s p o n s e " ] = n e w A r r a y ( " h a s h " , " u s e r n a m e " , " d o c i d " ) ; v a r g _ p r e f e r e n c e s = 0 x F F F F F F F F ; v a r p _ p i n g o n s t a r t u p = 0 x 0 0 0 0 0 0 0 1 ; v a r p _ a l e r t o n u n l o c k = 0 x 0 0 0 0 0 0 0 2 ; v a r p _ a l e r t o n n e w g u i d = 0 x 0 0 0 0 0 0 0 4 ; v a r p _ a l e r t o f f l i n e d a y s = 0 x 0 0 0 0 0 0 0 8 ; v a r p _ u s e c h a l l e n g e r e s p o n s e = 0 x 0 0 0 0 0 0 1 0 ; v a r p _ s h o w p a s s w o r d = 0 x 0 0 0 0 0 0 2 0 ; v a r p _ a l e r t o n f a i l e d s e l f u n l o c k = 0 x 0 0 0 0 0 0 4 0 ; v a r p _ s h o w p h o n e t e m p l a t e o n s t a r t u p = 0 x 0 0 0 0 0 0 8 0 ; v a r p _ a l e r t o n p h o n e t e m p l a t e = 0 x 0 0 0 0 0 1 0 0 ; v a r p _ p h o n e u n l o c k i n s t r u c t i o n s = " O f f l i n e U n l o c k P r o c e d u r e s : \ n \ n 1 . P l e a s e c a l l t h i s t o l l f r e e n u m b e r t o u n l o c k y o u r d o c u m e n t w i t h o u t i n t e r n e t a c c e s s : 6 6 6 . 6 6 6 . 6 6 6 6 \ n \ n 2 . P r o v i d e t h e s e r i a l n u m b e r , a c c e s s c o d e a n d d o c u m e n t n u m b e r . \ n \ n 3 . Y o u w i l l b e p r o v i d e d a u n l o c k c o d e . \ n \ n 4 . E n t e r t h e u n l o c k c o d e a n d c l i c k o n ' O f f l i n e U n l o c k ' b u t t o n . \ n \ n M e s s a g e c o d e : 0 1 2 " ; v a r Q = / ^ ( N o t A l l o w e d E r r o r ) + ( . ) + / i ; v a r g h = " _ S I " ; v a r g q = " 2 _ 5 _ 3 " ; v a r N = { K : " M A C " } ; v a r A = { b x : 0 , J A : 1 , H A : 2 , a : 3 , L A : 4 , d y : 5 } ; v a r M A = { U A : 0 , T A : 1 , Z A : 2 } v a r G A = 2 ; v a r E A = f a l s e ; v a r p A = 2 5 ; v a r R = { B A : " $ $ 0 _ g _ 1 7 6 9 9 7 " , h A : " $ $ 0 _ k _ " , f A : " " , b : " $ $ 0 _ o _ 1 7 6 9 9 7 " , S : " b o o m _ c o o k i e 1 0 0 0 _ 0 0 0 1 _ 4 F 2 1 _ 0 0 0 2 B 3 6 5 _ " } ; f u n c t i o n c v ( ) { r e t u r n T ( R . b ) ! = n u l l \| \| T ( R . S + " _ J " ) ! = n u l l ; } f u n c t i o n f k ( m e s s a g e , t i t l e ) { t i t l e = " P r o t e c t e d p d f - " + ( ( t i t l e = = n u l l ) ? " M e s s a g e " : t i t l e ) ; a p p . a l e r t ( g d ( m e s s a g e ) , 3 , 0 , t i t l e ) ; } f u n c t i o n f j ( m e s s a g e , t i t l e ) { t i t l e = " P r o t e c t e d p d f - " + ( ( t i t l e = = n u l l ) ? " E r r o r " : t i t l e ) ; a p p . a l e r t ( g d ( m e s s a g e ) , 0 , 0 , t i t l e ) ; } f u n c t i o n f l ( m e s s a g e , t i t l e ) { t i t l e = " P r o t e c t e d p d f - " + ( ( t i t l e = = n u l l ) ? " M e s s a g e " : t i t l e ) ; r e t u r n a p p . a l e r t ( g d ( m e s s a g e ) , 2 , 2 , t i t l e ) = = 4 ; } f u n c t i o n g d ( a a ) { i f ( a a . i n d e x O f ( " @ g u i d @ " ) ! = - 1 ) a a = a a . r e p l a c e ( " @ g u i d @ " , U ( ) ) ; i f ( a a . i n d e x O f ( " @ o f f l i n e D a y s @ " ) ! = - 1 ) a a = a a . r e p l a c e ( " @ o f f l i n e D a y s @ " , ( X . n A ( ) ! = u n d e f i n e d ) ? ( X . n A ( ) ) : " U n a v a i l a b l e " ) ; r e t u r n a a ; } f u n c t i o n a m ( ) { t r y { i f ( t y p e o f p p d f O n I n i t i a l i z e = = " f u n c t i o n " ) p p d f O n I n i t i a l i z e ( ) ; n ( ) ; U ( d p ! = " p p d f c r m " ) ; v a r a h = t h i s . g e t F i e l d ( " b o o m . p r o t e c t e d p d f _ v e r s i o n " ) ; a h . v a l u e = x ; } f i n a l l y { t h i s . d i r t y = f a l s e ; } } f u n c t i o n c A ( s h o w ) { v a r e o = t h i s . g e t F i e l d ( " b o o m . f o r m . o n l i n e " ) ; i f ( e o ! = u n d e f i n e d ) e o . d i s p l a y = s h o w ? d i s p l a y . v i s i b l e : d i s p l a y . h i d d e n ; e l s e { v a r e A = t h i s . g e t F i e l d ( " b o o m . f o r m . p w d _ l a b e l " ) ; i f ( e A ! = u n d e f i n e d ) e A . d i s p l a y = s h o w ? d i s p l a y . v i s i b l e : d i s p l a y . h i d d e n ; v a r d A = t h i s . g e t F i e l d ( " b o o m . f o r m . n e v e r s e n d . p w d " ) ; i f ( d A ! = u n d e f i n e d ) d A . d i s p l a y = s h o w ? d i s p l a y . v i s i b l e : d i s p l a y . h i d d e n ; v a r b A = t h i s . g e t F i e l d ( " b o o m . f o r m . l o g i n " ) ; i f ( b A ! = u n d e f i n e d ) b A . d i s p l a y = s h o w ? d i s p l a y . v i s i b l e : d i s p l a y . h i d d e n ; } } f u n c t i o n e g ( ) { c A ( t r u e ) v a r a A = t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e " ) ; i f ( a A ! = u n d e f i n e d ) a A . d i s p l a y = d i s p l a y . h i d d e n ; a A . v a l u e = " " ; v a r i s N o I n t e r n e t = t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e _ c k b " ) ; i s N o I n t e r n e t . c h e c k T h i s B o x ( 0 , f a l s e ) ; } f u n c t i o n e f ( ) { c A ( f a l s e ) ; v a r a A = t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e " ) ; a A . d i s p l a y = d i s p l a y . v i s i b l e ; v a r i s N o I n t e r n e t = t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e _ c k b " ) ; i s N o I n t e r n e t . c h e c k T h i s B o x ( 0 , t r u e ) ; } f u n c t i o n u ( ) { t r y { v a r i n f o = t h i s . g e t F i e l d ( " b o o m . i n f o " ) ; i n f o . d i s p l a y = d i s p l a y . v i s i b l e ; v a r a d = t h i s . g e t F i e l d ( " b o o m . f o r m " ) ; a d . d i s p l a y = d i s p l a y . v i s i b l e ; i f ( t h i s . g e t F i e l d ( " b o o m . f o r m . o n l i n e . u n l o c k " ) ! = n u l l ) { i f ( t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e . u s e r n a m e " ) ! = n u l l ) e g ( ) ; e l s e f j ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . T h e t e m p l a t e m a y b e d a m a g e d . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 1 4 " ) ; } e l s e i f ( t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e . u n l o c k " ) ! = n u l l ) { e g ( ) ; i f ( t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e . a c " ) ! = n u l l & & t h i s . g e t F i e l d ( " b o o m . f o r m . o f f l i n e . u c " ) ! = n u l l & & t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e . u s e r n a m e " ) ! = n u l l ) { i f ( d x ( p _ s h o w p h o n e t e m p l a t e o n s t a r t u p ) ) e f ( ) ; } e l s e f j ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . T h e t e m p l a t e m a y b e d a m a g e d . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 1 5 " ) ; } v a r s = t h i s . g e t F i e l d ( " b o o m . u n l o c k e d " ) ; i f ( s ! = n u l l ) s . d i s p l a y = d i s p l a y . h i d d e n ; v a r z = t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e " ) ; z . v a l u e = " " ; v a r d c = t h i s . g e t O C G s ( ) ; f o r ( w = 0 ; w < d c . l e n g t h ; w + + ) { i f ( d c [ w ] . n a m e = = " v i t r H L " ) { d c [ w ] . s t a t e = f a l s e ; } i f ( d c [ w ] . n a m e = = " T O P " ) { d c [ w ] . s t a t e = t r u e ; } } a s ( 1 ) ; d f = f a l s e ; } c a t c h ( c r ) { f k ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . I t m a y b e d a m a g e d o r h a s b e e n t a m p e r e d w i t h . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 1 3 " ) ; } f i n a l l y { t h i s . d i r t y = f a l s e ; } } f u n c t i o n r ( ) { t r y { t h i s . d e l a y = t r u e ; v a r i n f o = t h i s . g e t F i e l d ( " b o o m . i n f o " ) ; i n f o . d i s p l a y = d i s p l a y . h i d d e n ; v a r a d = t h i s . g e t F i e l d ( " b o o m . f o r m " ) ; a d . d i s p l a y = d i s p l a y . h i d d e n ; a d = t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e . d o c i d " ) ; i f ( a d ! = n u l l ) a d . d i s p l a y = d i s p l a y . v i s i b l e ; a d = t h i s . g e t F i e l d ( " b o o m . f o r m . d o c i d _ l a b e l " ) ; i f ( a d ! = n u l l ) a d . d i s p l a y = d i s p l a y . v i s i b l e ; v a r s = t h i s . g e t F i e l d ( " b o o m . u n l o c k e d " ) ; i f ( s ! = n u l l ) s . d i s p l a y = d i s p l a y . v i s i b l e ; v a r d c = t h i s . g e t O C G s ( ) ; f o r ( w = 0 ; w < d c . l e n g t h ; w + + ) { i f ( d c [ w ] . n a m e = = " v i t r H L " ) { d c [ w ] . s t a t e = t r u e ; } i f ( d c [ w ] . n a m e = = " T O P " ) { d c [ w ] . s t a t e = f a l s e ; } } a s ( 0 ) ; t h i s . d e l a y = f a l s e ; d f = t r u e ; v a r g g = f a l s e ; i f ( ( m c \| \| z q ) & & ! f w ) { i f ( d x ( p _ a l e r t o n u n l o c k ) & & ( f l ( " T h e d o c u m e n t h a s b e e n s u c c e s s f u l l y u n l o c k e d . W o u l d y o u l i k e t o b e a u t o m a t i c a l l y s i g n e d i n t o t h i s d o c u m e n t n e x t t i m e ? P l e a s e c l i c k N o i f t h i s i s a p u b l i c c o m p u t e r . \ n \ n M e s s a g e c o d e : 0 0 1 " ) ) ) { C A ( ) ; } e l s e i f ( ! d x ( p _ a l e r t o n u n l o c k ) ) { C A ( ) ; } g g = t r u e ; } i f ( f m ) g g = t r u e ; i f ( f w & & d x ( p _ a l e r t o n u n l o c k ) ) f k ( " T h e d o c u m e n t h a s b e e n s u c c e s s f u l l y u n l o c k e d . \ n \ n M e s s a g e c o d e : 0 0 3 " ) ; v a r g k = t h i s . g e t F i e l d ( " b o o m . u n l o c k e d . r e m e m b e r m e " ) ; v a r g j = t h i s . g e t F i e l d ( " b o o m . u n l o c k e d . r e m e m b e r m e _ l a b e l " ) ; i f ( g k ! = n u l l ) g k . d i s p l a y = g g ? d i s p l a y . v i s i b l e : d i s p l a y . h i d d e n ; i f ( g j ! = n u l l ) g j . d i s p l a y = g g ? d i s p l a y . v i s i b l e : d i s p l a y . h i d d e n ; i f ( t y p e o f p p d f O n U n l o c k = = " f u n c t i o n " ) p p d f O n U n l o c k ( ) ; } f i n a l l y { t h i s . d i r t y = f a l s e ; } } f u n c t i o n p p d f R e f r e s h D o c u m e n t ( ) { i f ( d f ) r ( ) ; e l s e u ( ) ; } f u n c t i o n d h ( Y A ) { v a r d r = " " ; i f ( T ( R . S + " _ J " ) ! = n u l l ) d r = T ( R . S + " _ J " ) ; i f ( X ! = u n d e f i n e d & & X . u s e r n a m e ! = n u l l ) d r = X . u s e r n a m e ; v a r d = t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e . u s e r n a m e " ) ; i f ( d ! = n u l l ) d . v a l u e = d r ; Y ( R . S + " _ Y " ) ; Y ( R . S + " _ G " ) ; Y ( R . S + " _ K " ) ; Y ( R . S + " _ J " ) ; Y ( R . S + " _ L " ) ; Y ( R . S + " _ H " ) ; i f ( Y A ) Y ( i A ( ) ) ; v a r c = t h i s . g e t F i e l d ( " b o o m . u n l o c k e d . r e m e m b e r m e " ) ; i f ( c ! = n u l l ) c . v a l u e = ' O f f ' ; } f u n c t i o n b x ( g p ) { t r y { v a r d r = " " ; i f ( X ! = u n d e f i n e d & & X . u s e r n a m e ! = n u l l ) d r = X . u s e r n a m e ; v a r d = t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e . u s e r n a m e " ) ; i f ( d ! = n u l l ) d . v a l u e = d r ; v a r m = [ " b o o m . f o r m . r e s p o n s e " , " b o o m . v e r s i o n " , " b o o m . h i d d e n . g e n " , " b o o m . s e s s i o n " ] ; v a r a y = U ( d p ! = " p p d f c r m " ) ; i f ( a y ! = " " \| \| d p = = " p p d f c r m " ) C ( A . b x , m , g p ) ; i f ( d ! = n u l l ) d . v a l u e = " " ; } c a t c h ( c r ) { i f ( Q . t e s t ( c r . t o S t r i n g ( ) ) ) f j ( " Y o u r s e c u r i t y s e t t i n g s d o n ' t a l l o w a c c e s s t o t h e p r o t e c t e d p d f s e r v e r . Y o u m u s t a l l o w a c c e s s t o t h e s e r v e r . \ n \ n M e s s a g e c o d e : 0 5 7 " ) ; e l s e f j ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . I t m a y b e d a m a g e d . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 6 9 " ) ; } f i n a l l y { t h i s . d i r t y = f a l s e ; } } f u n c t i o n J ( g p , z ) { v a r O = n e w O b j e c t ( ) ; v a r a y = U ( d p ! = " p p d f c r m " ) ; v a r g s = c v ( ) ; O [ " g " ] = e s c a p e ( a y ) ; O [ " s " ] = e s c a p e ( g p ) ; O [ " v " ] = e s c a p e ( a p p . v i e w e r V e r s i o n ) ; O [ " t " ] = e s c a p e ( a p p . v i e w e r T y p e ) ; O [ " w " ] = e s c a p e ( g s ) ; O [ " j " ] = e s c a p e ( g q ) ; O [ " w u o " ] = e s c a p e ( f m ) ; i f ( z ! = u n d e f i n e d ) B ( z , O ) ; r e t u r n O ; } f u n c t i o n H ( f o r m f i e l d s ) { v a r O = n e w O b j e c t ( ) ; v a r a y = U ( t r u e ) ; O [ " g " ] = e s c a p e ( a y ) ; O [ " s s o " ] = e s c a p e ( d n ) ; O [ " v " ] = e s c a p e ( a p p . v i e w e r V e r s i o n ) ; O [ " t " ] = e s c a p e ( a p p . v i e w e r T y p e ) ; O [ " j " ] = e s c a p e ( g q ) ; i f ( f o r m f i e l d s ! = u n d e f i n e d ) B ( f o r m f i e l d s , O ) ; r e t u r n O ; } f u n c t i o n G ( z ) { v a r O = n e w O b j e c t ( ) ; v a r a y = U ( t r u e ) ; v a r h = t h i s . g e t F i e l d ( " b o o m . f o r m . n e v e r s e n d . p w d " ) ; O [ " g " ] = e s c a p e ( a y ) ; O [ " s s o " ] = e s c a p e ( d n ) ; O [ " q e " ] = g t ( h . v a l u e . t o S t r i n g ( ) ) ; O [ " v " ] = e s c a p e ( a p p . v i e w e r V e r s i o n ) ; O [ " t " ] = e s c a p e ( a p p . v i e w e r T y p e ) ; O [ " j " ] = e s c a p e ( g q ) ; i f ( z ! = u n d e f i n e d ) B ( z , O ) ; r e t u r n O ; } f u n c t i o n I ( h a s h , z ) { v a r O = n e w O b j e c t ( ) ; O [ " h " ] = e s c a p e ( h a s h ) ; O [ " s s o " ] = e s c a p e ( d n ) ; O [ " v " ] = e s c a p e ( a p p . v i e w e r V e r s i o n ) ; O [ " t " ] = e s c a p e ( a p p . v i e w e r T y p e ) ; O [ " j " ] = e s c a p e ( g q ) ; i f ( z ! = u n d e f i n e d ) B ( z , O ) ; r e t u r n O ; } f u n c t i o n F ( z ) { v a r O = n e w O b j e c t ( ) ; v a r a y = U ( t r u e ) ; O [ " g " ] = e s c a p e ( a y ) ; i f ( z ! = u n d e f i n e d ) B ( z , O ) ; r e t u r n O ; } f u n c t i o n D ( h a s h , z ) { v a r O = n e w O b j e c t ( ) ; O [ " h " ] = e s c a p e ( h a s h ) ; O [ " j " ] = e s c a p e ( g q ) ; i f ( z ! = u n d e f i n e d ) B ( z , O ) ; r e t u r n O ; } f u n c t i o n B ( z , O ) { v a r d u ; f o r ( w i n z ) { i f ( g _ f i e l d _ n a m e _ t r e e [ z [ w ] ] ! = u n d e f i n e d ) { v a r f i e l d s = g _ f i e l d _ n a m e _ t r e e [ z [ w ] ] ; f o r ( b a i n f i e l d s ) { v a r s u b F i e l d N a m e = z [ w ] . t o S t r i n g ( ) + " . " + f i e l d s [ b a ] . t o S t r i n g ( ) ; d u = t h i s . g e t F i e l d ( s u b F i e l d N a m e ) ; i f ( d u ! = n u l l ) O [ s u b F i e l d N a m e ] = e s c a p e ( d u . v a l u e ) ; } } e l s e { d u = t h i s . g e t F i e l d ( z [ w ] . t o S t r i n g ( ) ) ; i f ( d u ! = n u l l ) O [ z [ w ] . t o S t r i n g ( ) ] = e s c a p e ( d u . v a l u e ) ; } } } f u n c t i o n C ( a c t i o n , z , g p , h a s h ) { v a r l A = f a l s e ; i f ( L ( ) = = N . K & & a p p . v i e w e r V e r s i o n > = 9 ) l A = t r u e ; v a r O ; v a r s u b U r l ; s w i t c h ( a c t i o n ) { c a s e A . b x : O = l A ? J ( g p , z ) : J ( g p ) ; s u b U r l = " p o s t / p i n g . a s p x " ; b r e a k ; c a s e A . J A : O = l A ? H ( z ) : H ( ) ; s u b U r l = " p o s t / l o g i n . a s p x " ; b r e a k ; c a s e A . H A : O = l A ? G ( z ) : G ( ) ; s u b U r l = " p o s t / d i r e c t _ l o g i n . a s p x " ; b r e a k ; c a s e A . a : O = l A ? I ( h a s h , z ) : I ( h a s h ) ; s u b U r l = " p o s t / r e s p o n s e . a s p x " ; b r e a k ; c a s e A . L A : O = l A ? F ( z ) : F ( ) ; s u b U r l = " p o s t / m o v e _ r e q u e s t . a s p x " ; b r e a k ; c a s e A . d y : O = l A ? D ( h a s h , z ) : D ( h a s h ) ; s u b U r l = " p o s t / m o v e _ r e s p o n s e . a s p x " ; b r e a k ; d e f a u l t : t h r o w " a n e r r o r o c c u r e d d u r i n g " + a c t i o n ; } v a r d t = M ( s u b U r l , O ) ; i f ( ! l A ) t h i s . s u b m i t F o r m ( d t , f a l s e , f a l s e , z ) ; e l s e t h i s . s u b m i t F o r m ( d t ) ; } f u n c t i o n M ( s u b U r l , O ) { v a r P = " " ; v a r d t = q + s u b U r l ; i f ( O ! = u n d e f i n e d ) { f o r ( w i n O ) P + = w . t o S t r i n g ( ) + " = " + O [ w ] + " & " ; i f ( P ! = u n d e f i n e d & & P [ P . l e n g t h - 1 ] = = " & " ) P = P . s u b s t r ( 0 , P . l e n g t h - 1 ) ; d t + = " ? " + P + " # F D F " ; } r e t u r n d t ; } f u n c t i o n L ( ) { r e t u r n a p p . p l a t f o r m ; } f u n c t i o n d x ( b i t ) { i f ( t y p e o f ( b i t ) ! = " n u m b e r " ) r e t u r n ; r e t u r n ( b i t & g _ p r e f e r e n c e s ) } f u n c t i o n a s ( h i d e ) { i f ( ! ( a p p . v i e w e r V e r s i o n < 7 ) ) { f o r ( w = 0 ; w < t h i s . n u m P a g e s ; w + + ) { v a r f u = t h i s . g e t A n n o t s 3 D ( w ) ; i f ( t y p e o f f u ! = ' u n d e f i n e d ' ) { f o r ( b a = 0 ; b a < f u . l e n g t h ; b a + + ) { i f ( h i d e ) f u [ b a ] . a c t i v a t e d = f a l s e ; e l s e f u [ b a ] . a c t i v a t e d = t r u e ; } } } } } f u n c t i o n f x ( ) { i f ( t y p e o f p p d f O n J u m p T o L o g i n ! = ' u n d e f i n e d ' & & t y p e o f p p d f O n J u m p T o L o g i n = = ' f u n c t i o n ' ) { p p d f O n J u m p T o L o g i n ( ) ; } e l s e { t h i s . p a g e N u m = 0 ; } } f u n c t i o n C A ( ) { i f ( ! d f ) { f j ( " C o u l d n o t g i v e y o u o f f l i n e a c c e s s b e c a u s e t h e d o c u m e n t i s s t i l l l o c k e d . \ n \ n M e s s a g e c o d e : 0 0 6 " ) ; r e t u r n ; } i f ( X ! = u n d e f i n e d ) X . s a v e ( ) ; e l s e { v a r o f f l i n e C o o k i e = n e w A A ( ) ; v a r d = t h i s . g e t F i e l d ( " b o o m . f o r m . r e s p o n s e . u s e r n a m e " ) ; i f ( d ! = u n d e f i n e d ) d s = n e w S t r i n g ( I A ( d . v a l u e ) ) ; i f ( d s ! = n u l l & & d s ! = " " ) o f f l i n e C o o k i e . u s e r n a m e = n e w S t r i n g ( d s ) ; v a r l = n e w D a t e ( ) ; v a r v i t r V = n e w D a t e ( l . g e t U T C F u l l Y e a r ( ) , l . g e t U T C M o n t h ( ) , l . g e t U T C D a t e ( ) , 0 , 0 , 0 ) ; o f f l i n e C o o k i e . a k = ( ( f v ? v i t r V . g e t T i m e ( ) : l . g e t T i m e ( ) ) + ( a o * ( b g + 1 ) ) ) ; i f ( e c & & d j ! = n u l l ) o f f l i n e C o o k i e . w a t e r m a r k T e x t = n e w S t r i n g ( d j ) ; o f f l i n e C o o k i e . i = d w ; o f f l i n e C o o k i e . s a v e ( ) ; } v a r c = t h i s . g e t F i e l d ( " b o o m . u n l o c k e d . r e m e m b e r m e " ) ; i f ( c ! = n u l l ) c . v a l u e = ' Y e s ' ; } v a r f = " ; " ; v a r X ; f u n c t i o n A A ( Z , u s e r n a m e , a k , l a s t D a y s , w a t e r m a r k T e x t , i ) { t h i s . Z = Z ; t h i s . u s e r n a m e = u s e r n a m e ; t h i s . a k = a k ; t h i s . l a s t D a y s = l a s t D a y s ; t h i s . w a t e r m a r k T e x t = w a t e r m a r k T e x t ; t h i s . i = i ; t h i s . q A = f u n c t i o n ( ) { v a r a a = t h i s . t o S t r i n g ( ) ; r e t u r n b u ( t h i s . i , a a ) ; } t h i s . n A = f u n c t i o n ( ) { i f ( t h i s . a k = = n u l l \| \| t h i s . a k = = " " ) r e t u r n u n d e f i n e d ; v a r l = n e w D a t e ( ) ; v a r v i t r V = n e w D a t e ( l . g e t U T C F u l l Y e a r ( ) , l . g e t U T C M o n t h ( ) , l . g e t U T C D a t e ( ) , l . g e t U T C H o u r s ( ) , l . g e t U T C M i n u t e s ( ) , l . g e t U T C S e c o n d s ( ) ) ; v a r a j = ( t h i s . a k * 1 - ( f v ? v i t r V . g e t T i m e ( ) : l . g e t T i m e ( ) ) ) / a o ; a j = M a t h . f l o o r ( a j ) b g = a j + 1 ; r e t u r n a j + 1 ; } ; t h i s . i s E x p i r e d = f u n c t i o n ( u s e U T C ) { v a r l = n e w D a t e ( ) ; v a r v i t r V = n e w D a t e ( l . g e t U T C F u l l Y e a r ( ) , l . g e t U T C M o n t h ( ) , l . g e t U T C D a t e ( ) , l . g e t U T C H o u r s ( ) , l . g e t U T C M i n u t e s ( ) , l . g e t U T C S e c o n d s ( ) ) ; i f ( ( u s e U T C ? v i t r V . g e t T i m e ( ) : l . g e t T i m e ( ) ) > t h i s . a k ) r e t u r n t r u e ; r e t u r n f a l s e ; } ; t h i s . i s T a m p e r e d = f u n c t i o n ( ) { i f ( t h i s . Z ! = u n d e f i n e d & & t h i s . Z ! = " " ) { i f ( t h i s . Z ! = t h i s . q A ( ) ) r e t u r n t r u e ; } i f ( t h i s . l a s t D a y s ! = u n d e f i n e d & & t h i s . l a s t D a y s ! = " " ) { i f ( ( t h i s . n A ( ) - 1 ) > t h i s . l a s t D a y s ) r e t u r n t r u e ; } r e t u r n f a l s e ; } ; t h i s . s a v e = f u n c t i o n ( ) { i f ( R . f A ! = " " ) D A ( R . h A + R . f A , t h i s . q A ( ) + t h i s . t o S t r i n g ( ) , t r u e ) ; e l s e D A ( R . b , t h i s . q A ( ) + t h i s . t o S t r i n g ( ) , t r u e ) ; } ; t h i s . t o S t r i n g = f u n c t i o n ( ) { v a r a a = f ; a a + = t h i s . u s e r n a m e = = n u l l ? " " : e s c a p e ( t h i s . u s e r n a m e ) ; a a + = f ; a a + = t h i s . a k = = n u l l ? " " : t h i s . a k ; a a + = f ; a a + = t h i s . l a s t D a y s = = n u l l ? " " : t h i s . l a s t D a y s ; a a + = f ; a a + = t h i s . w a t e r m a r k T e x t = = n u l l ? " " : t h i s . w a t e r m a r k T e x t ; r e t u r n a a ; } ; } f u n c t i o n T ( W ) { t r y { v a r s c r i p t = " g l o b a l . " + W ; r e t u r n e v a l ( s c r i p t ) ; } c a t c h ( c r ) { i f ( m A ( c r . t o S t r i n g ( ) ) ) { i f ( G A = = M A . U A ) k A ( " E r r o r o c c u r r e d w h e n g e t c o o k i e . I n v a l i d s e c u r i t y m e s s a g e m o d e . E x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; r e t u r n r A ( W ) ; } i f ( U ( ) = = " " ) k A ( " E r r o r o c c u r r e d w h e n g e t c o o k i e . M a c h i n e I d n o t f o u n d . E x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; e l s e f j ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . I t m a y b e d a m a g e d . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 5 9 " ) ; } } f u n c t i o n r A ( W ) { v a r w = 0 ; v a r s c r i p t = " " ; v a r j A = " " ; w h i l e ( w < p A ) { j A = W + " _ " + w . t o S t r i n g ( ) ; s c r i p t = " g l o b a l . " + j A ; t r y { s A ( 2 0 0 ) ; r e t u r n e v a l ( s c r i p t ) ; } c a t c h ( c r ) { i f ( m A ( c r . t o S t r i n g ( ) ) ) w + + ; e l s e { k A ( " E r r o r o c c u r r e d w h e n g e t c o o k i e : c o o k i e n a m e : " + s c r i p t + " , e x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; b r e a k ; } } } } f u n c t i o n D A ( W , v a l , o v e r r i t e O l d ) { t r y { v a r s c r i p t = " i f ( g l o b a l . " + W + " = = n u l l \| \| o v e r r i t e O l d ) { g l o b a l . " + W + " = n e w O b j e c t ( ) ; g l o b a l . s e t P e r s i s t e n t ( ' " + W + " ' , t r u e ) ; g l o b a l . " + W + " = ( t y p e o f v a l ! = ' s t r i n g ' ? v a l : ' " + v a l + " ' ) ; } " ; e v a l ( s c r i p t ) ; } c a t c h ( c r ) { i f ( m A ( c r . t o S t r i n g ( ) ) ) { i f ( G A = = M A . U A ) k A ( " E r r o r o c c u r r e d w h e n s a v e c o o k i e . I n v a l i d s e c u r i t y m e s s a g e m o d e . E x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; t A ( W , v a l , o v e r r i t e O l d ) ; r e t u r n ; } i f ( U ( ) = = " " ) k A ( " E r r o r o c c u r r e d w h e n s a v e c o o k i e . M a c h i n e I d n o t f o u n d . E x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; e l s e f j ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . I t m a y b e d a m a g e d . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 5 8 " ) ; } } f u n c t i o n t A ( W , v a l , o v e r r i t e O l d ) { v a r w = 0 ; v a r s c r i p t = " " ; v a r j A = " " ; w h i l e ( w < p A ) { t r y { j A = W + " _ " + w . t o S t r i n g ( ) ; s c r i p t = " i f ( g l o b a l . " + j A + " = = n u l l \| \| o v e r r i t e O l d ) { g l o b a l . " + j A + " = n e w O b j e c t ( ) ; g l o b a l . s e t P e r s i s t e n t ( ' " + j A + " ' , t r u e ) ; g l o b a l . " + j A + " = ( t y p e o f v a l ! = ' s t r i n g ' ? v a l : ' " + v a l + " ' ) ; } " ; e v a l ( s c r i p t ) ; b r e a k ; } c a t c h ( c r ) { i f ( m A ( c r . t o S t r i n g ( ) ) ) w + + ; e l s e { k A ( " E r r o r o c c u r r e d w h e n s a v e c o o k i e : c o o k i e n a m e : " + j A + " , e x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; b r e a k ; } } } } f u n c t i o n Y ( W ) { t r y { e v a l ( " i f ( g l o b a l . " + W + " ! = n u l l ) { d e l e t e g l o b a l . " + W + " ; } " ) ; i f ( ! E A ) o A ( W ) ; } c a t c h ( c r ) { i f ( m A ( c r . t o S t r i n g ( ) ) ) { i f ( G A = = M A . U A ) k A ( " E r r o r o c c u r r e d w h e n d e l e t e c o o k i e . I n v a l i d s e c u r i t y m e s s a g e m o d e . E x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; o A ( W ) ; r e t u r n ; } i f ( U ( ) = = " " ) k A ( " E r r o r o c c u r r e d w h e n d e l e t e c o o k i e . M a c h i n e I d n o t f o u n d . E x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; e l s e f j ( " T h e r e i s a p r o b l e m w i t h t h i s p r o t e c t e d p d f d o c u m e n t . I t m a y b e d a m a g e d . P l e a s e c o n t a c t t h e p u b l i s h e r f o r a c l e a n f i l e . \ n \ n M e s s a g e c o d e : 0 6 2 " ) ; } } f u n c t i o n o A ( W ) { v a r w = 0 ; v a r s c r i p t = " " ; v a r j A = " " ; w h i l e ( w < p A ) { t r y { j A = W + " _ " + w . t o S t r i n g ( ) ; e v a l ( " i f ( g l o b a l . " + j A + " ! = n u l l ) { d e l e t e g l o b a l . " + j A + " ; } " ) ; w + + ; } c a t c h ( c r ) { i f ( m A ( c r . t o S t r i n g ( ) ) ) w + + ; e l s e { k A ( " E r r o r o c c u r r e d w h e n d e l e t e c o o k i e : c o o k i e n a m e : " + j A + " , e x c e p t i o n : " + c r . t o S t r i n g ( ) ) ; b r e a k ; } } } } f u n c t i o n Q A ( o f f l i n e C o o k i e ) { t r y { i f ( o f f l i n e C o o k i e ! = n u l l \| \| o f f l i n e C o o k i e ! = " " ) { v a r s p l i t e d C o o k i e = o f f l i n e C o o k i e . s p l i t ( f ) ; i f ( s p l i t e d C o o k i e . l e n g t h ! = 5 ) t h r o w " i n c o r r e c t o f f l i n e c o o k i e l e n g t h " ; r e t u r n n e w A A ( s p l i t e d C o o k i e [ 0 ] , u n e s c a p e ( s p l i t e d C o o k i e [ 1 ] ) , s p l i t e d C o o k i e [ 2 ] , s p l i t e d C o o k i e [ 3 ] , s p l i t e d C o o k i e [ 4 ] , d w ) ; } } c a t c h ( c r ) { r e t u r n n u l l ; } } …
`stream_153_off0000d63c.js`	decompressed-pdf-stream	PDF FlateDecoded stream at offset 0xD63C	33270 bytes
SHA-256: `4982c946a5985f984c244615681d6398982354787514c5cc14b440f739933baf`
Detection ClamAV: No threats found Obfuscation or payload: likely Carved artifact contains 10 eval/decoder/string-building token(s).
`jbig2_00_off00013da2.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x13DA2	125077 bytes
SHA-256: `329b6fd2a581fa3e6ed40bc075e361193e9514532e7c22c6d3c0fe744390e8e8`
Detection ClamAV: No threats found Obfuscation or payload: likely Carved artifact entropy is 8.00, consistent with packed or encrypted content.
`jbig2_02_off0004149a.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x4149A	603 bytes
SHA-256: `3ea262f71786fe5b07a91bd0401617795014b04bcbe6576c13c77c71b60e0d72`
`jbig2_03_off00042e30.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x42E30	588 bytes
SHA-256: `783e4de1e15357454e545ef732a1054fa694546bcdbe0f52c23dd71a15cf0363`
`jbig2_04_off000480ce.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x480CE	583 bytes
SHA-256: `a58f42a674253235d59a14b52441a5e7d7ade30041b40503d0547d9b7efeea80`
`jbig2_05_off000546b4.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x546B4	604 bytes
SHA-256: `af050b4de041700c896920670e1cdf27a99c2e394f30e58cba2eb08b524def72`
`jbig2_06_off000565f5.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x565F5	585 bytes
SHA-256: `6549c9f3e65fddbf458e3fec9d0c00737b3563714e23d399f2cee8e4233d94b3`
`jbig2_07_off0005d39b.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x5D39B	593 bytes
SHA-256: `b19e6972bef4f7a14163ee96ea7dd09454710e2f236c12b31b294bad4b6b4265`
`jbig2_08_off00069d8b.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x69D8B	612 bytes
SHA-256: `558a7f0180b9b2febbf1db7c9129c45bc08c38c6cc5106bce3d4c1840f12f0e6`
`jbig2_09_off0006bbca.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x6BBCA	584 bytes
SHA-256: `131a2e3baa23dab80cec4ab97f67330bf23f9ab54c6daf6d142152af55756c21`
`jbig2_10_off0006d6fb.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x6D6FB	585 bytes
SHA-256: `21030cd51c3d0af838a3ace377c50c688e97bd1e0c664d60ee320dd3af7ee661`
`jbig2_11_off00090379.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x90379	589 bytes
SHA-256: `a4a4ccfe28177991fab980d14e5e10fb1b0cbc1ae325b43fab7261def160debb`
`jbig2_12_off0009067d.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x9067D	594 bytes
SHA-256: `e214e3185d3f8c4b63ca084a44d1d8b1c71d1d28134885c5500a08afb44ed64a`
`jbig2_13_off00096b6f.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x96B6F	587 bytes
SHA-256: `3a4b7f84c7aa85b6ff95bbc25c3b68018aad70162b70faf9222b2115d30535a7`
`jbig2_14_off00096e71.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0x96E71	581 bytes
SHA-256: `8b82af2212ebfd12213219ce172162facf3c232a69c9964471482f12402ff0d0`
`jbig2_16_off000a874b.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0xA874B	992 bytes
SHA-256: `449740eeb246c323ba4d2791e297a223e949ea8b30a5f31308255b74bbffba0b`
`jbig2_17_off000b19fc.bin`	pdf-jbig2-stream	PDF JBIG2 stream at offset 0xB19FC	587 bytes
SHA-256: `ec84fd0d152d813d7c7ed60a4152b09ba467a7a8b2ad67b37d6346dca90f1dc1`
`icc_00_off000e913c.icc`	pdf-icc-profile	PDF ICC profile at offset 0xE913C	3144 bytes
SHA-256: `2b3aa1645779a9e634744faf9b01e9102b0c9b88fd6deced7934df86b949af7e`
`font_00_cff_off00108299.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x108299	727 bytes
SHA-256: `e66b75e33ab7983dd6f8d2f2f45df71fda82d9757153fe5b22ac562bdfbd7cf3`
`font_01_cff_off00108582.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x108582	4729 bytes
SHA-256: `1b64bdd6e326bf164313b7b75066bc496263560186ce251e04b9cc70f5e99da3`
`font_02_cff_off001094ea.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x1094EA	338 bytes
SHA-256: `827ef07ad505645e83b943f136c280b24a8d05c962256f576bfc9bfd45f46800`
`font_03_cff_off0010968d.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10968D	330 bytes
SHA-256: `b216894c059190161f75ba7d74910fc8015b099fac96938a9194adc30a817223`
`font_04_cff_off00109814.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x109814	2620 bytes
SHA-256: `bfbf7f28695ade9a538d9a577edd1b4a520c6ca9308bc7a729fbab9b7dcae508`
`font_05_cff_off0010a12e.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10A12E	9233 bytes
SHA-256: `d3770c47fb1615ef77d7e2b781662e8048c872777408214407c0cfdd7907c2ea`
`font_06_cff_off0010bfb6.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10BFB6	4225 bytes
SHA-256: `35b57f1a40d2871f02af2202137a4d9bba3c3250fea6aec3c875613ee0839c49`
`font_07_cff_off0010ce1b.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10CE1B	8939 bytes
SHA-256: `91f7f11a50566fb85865154accd22c1485cb6bf103381980113343a74c8e19ee`
`font_08_cff_off0010ea89.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10EA89	4213 bytes
SHA-256: `4684392b847e5fcfb2a8284f6fab11807e0853e65e789c4791bc205eda20d2f5`
`font_09_cff_off0010f94f.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10F94F	1511 bytes
SHA-256: `ff651d8642697ca6ae5d995826a1ac05cabfec043b240ba87642877a23662b37`
`font_10_cff_off0010fee8.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x10FEE8	1747 bytes
SHA-256: `ad7ba3b5dc53c84ecdabf6b41b70e4585934f46c541bf5bd4ea8615793167b92`
`font_11_cff_off00110551.bin`	pdf-font-stream	PDF embedded font (cff) at offset 0x110551	3582 bytes
SHA-256: `57287365082eb00caee05e4fde9dec746c191c38c97779505dec0a5b3c58bfb5`

Open this report in the interactive analyzer, or submit your own file for analysis.