MALICIOUS
134
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0010
Heuristics 5
-
Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARMSmall PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
-
Cracked-software lure uses download-gateway redirectors high PDF_CRACKED_SOFTWARE_REDIRECTOR_LINK_FARMPDF contains multiple cracked-software/keygen/serial-key lure links together with long encoded download-gateway URLs or known crack-download redirector hosts. This is stronger than generic piracy vocabulary: the document is an SEO lure that funnels users through redirect/download infrastructure commonly used for adware, unwanted software, or droppers.
-
PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LUREPDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://siteslocate.com/aldis/grunge?ZG93bmxvYWR8ZEIxTkhOMGVueDhNVFkxT0RBd05qWTVPWHg4TWpVNU1IeDhLRTBwSUZkdmNtUndjbVZ6Y3lCYldFMU1VbEJESUZZeUlGQkVSbDA=edginess/RURJUk9MIEh5cGVyIENhbnZhcyBWU1RpIERYaSB2MS42LjAgKFRFQU0gQWlSKSA2NCBiaXQRUR.locum.minimun.permanency PDF link annotation
- https://cancuntourssale.com/wp-content/uploads/2022/07/kart_racing_pro_license_keygen_14.pdfIn PDF document text
- https://www.vakantiehuiswinkel.nl/abbyy-finereader-corporate-15-2-101-497-incl-crack-_verified_-portable-download-pc/In PDF document text
- https://www.newportcyclespeedway.co.uk/advert/meluha-gujarati-pdf-free-work-download/In PDF document text
- https://melhoreslivros.online/yu-gi-oh-gx-power-of-chaos-chazz-the-vainglory-modpc-key-link/In PDF document text
- http://villa-mette.com/?p=42699In PDF document text
- https://www.samartheducation.org/wp-content/uploads/2022/07/Du_Meter_7_11_NEW_Keygen_Generator.pdfIn PDF document text
- https://www.jatjagran.com/wp-content/uploads/CCleaner_Pro_5637540_Key_Crack_Full_Version_High_Quality-1.pdfIn PDF document text
- https://startpointsudan.com/index.php/2022/07/17/cual-es-el-codigo-de-activacion-de-dragon-city-hack-tool-5-8v-yahoo/In PDF document text
- http://capabiliaexpertshub.com/wp-content/uploads/2022/07/rashham.pdfIn PDF document text
- https://wanoengineeringsystems.com/acronis-true-image-echo-enterprise-server-9-7-8398-acronis-unive-better/In PDF document text
- https://speedhunters.al/wp-content/uploads/2022/07/Cryptnav_Vw_Europa_2014.pdfIn PDF document text
- https://72bid.com?password-protected=loginIn PDF document text
- https://kivabe.info/wp-content/uploads/2022/07/100obrasmaestrasdelamusicaclasicadescargartorrent.pdfIn PDF document text
- https://myirishconnections.com/wp-content/uploads/2022/07/Quimica_Organica_Vollhardt_5_Edicion101.pdfIn PDF document text
- https://www.arunachalreflector.com/2022/07/17/outlines-of-chemical-technology-dryden-pdfl-exclusive/In PDF document text
- http://freemall.jp/autodesk-robot-structural-analysis-professional-2014-serial-number-keygen-_best_.htmlIn PDF document text
- https://designpress.it/wp-content/uploads/2022/07/Mpmm_Professional_Serial_Number.pdfIn PDF document text
- https://mh-tech2u.com/wp-content/uploads/2022/07/Samsung_Ml_1865w_PRINTER_Firmware_Reset12_FREE.pdfIn PDF document text
- https://7blix.net/wp-content/uploads/2022/07/alecha.pdfIn PDF document text
- https://www.nonteek.com/wp-content/uploads/2022/07/Deep_hiarcs_14_uci_chess_engine_download.pdfIn PDF document text
- https://www.vakantiehuiswinkel.nl/abbyy-finereader-corporate-15-2-101-497-incl-In PDF document text
- https://www.samartheducation.org/wp-In PDF document text
- https://www.jatjagran.com/wp-In PDF document text
- https://startpointsudan.com/index.php/2022/07/17/cual-es-el-codigo-de-activacion-de-dragon-city-In PDF document text
- https://wanoengineeringsystems.com/acronis-true-image-echo-enterprise-server-9-7-8398-acronis-In PDF document text
- https://kivabe.info/wp-In PDF document text
- https://myirishconnections.com/wp-In PDF document text
- https://www.arunachalreflector.com/2022/07/17/outlines-of-chemical-technology-dryden-pdfl-In PDF document text
- http://freemall.jp/autodesk-robot-structural-analysis-professional-2014-serial-number-In PDF document text
- https://mh-tech2u.com/wp-In PDF document text
- https://www.nonteek.com/wp-In PDF document text
- http://siteslocate.com/aldis/grunge?zg93bmxvywr8zeixtkhomgvuedhnvfkxt0rbd05qwtvpwhg4twpvnu1iedhlrtbwsuzkdmntundjbvz6y3lcyldfmu1vbejesuzzeulgqkvsbda=edginess/rurjuk9mieh5cgvyienhbnzhcybwu1rpieryasb2ms42ljagkfrfqu0gqwlsksa2ncbiaxqrur.locum.minimun.permanencyIn PDF document text
- http://www.tcpdf.orgIn PDF document text
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
- http://purl.org/dc/elements/1.1/In PDF document text
- http://ns.adobe.com/xap/1.0/In PDF document text
- http://ns.adobe.com/pdf/1.3/In PDF document text
- http://ns.adobe.com/xap/1.0/mm/In PDF document text
- http://www.aiim.org/pdfa/ns/extension/In PDF document text
- http://www.aiim.org/pdfa/ns/schema#In PDF document text
- http://www.aiim.org/pdfa/ns/property#In PDF document text
- http://www.aiim.org/pdfa/ns/id/In PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00002cf0.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x2CF0 | 84508 bytes |
SHA-256: 2b7ba551bea82cc3307397981c1dbeb1b78486f95f2eb14e5e58d4e1b24edb0c |
|||
font_01_sfnt_off0000b4dc.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xB4DC | 83036 bytes |
SHA-256: 6d13e73e85a502a13969f6a5eaecd0b275a0868c045f80b7d64ed55d70678261 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.