CLEAN
24
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0070
Heuristics 3
-
Document signing service impersonation lure medium SE_DOCUSIGN_LUREDocument impersonates DocuSign, Adobe Sign, or a similar signing service in a signing-request context
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL https://www.powerflexweb.com/centers_redirect_log.php?idDivision=88&nameDivision=Homepage&idModule=m583&nameModule=myStrength&idElement=1137&nameElement=ProviderSearch&url=https://share-eu1.hsforms.com/18wO3Zb9hTIuittmhHvQFuQ2ec8gt PDF link annotation
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
Extracted artifacts 4
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_002_off000028c6.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x28C6 | 9884 bytes |
SHA-256: bb130886bce256025efbea8283a111b4f8aeb77e42238b195039161b7c2a7614 |
|||
font_00_sfnt_off00000fe1.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xFE1 | 9136 bytes |
SHA-256: 1f841dc9da1c5355ef66d614582126b61c1187be167595cf49a6f15ee836f982 |
|||
font_02_sfnt_off0000424b.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x424B | 14116 bytes |
SHA-256: b86c111dffc528bf345732086a7fb8bd890fd7b4e70a7bf410c7e456d3cc71b1 |
|||
font_03_sfnt_off000058f7.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x58F7 | 16088 bytes |
SHA-256: 0d1ee11cf50bf8b63e69ccef4913225d1aae3f8fb436fcdb35727852862d9a11 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.