PDF static analysis report

Static analysis result for SHA-256 eaa15218d12824c1…

CLEAN

PDF

91.7 KB Created: 2018-06-21 21:29:21 +02:00 Authoring application: wkhtmltopdf 0.12.3 (via Qt 4.8.7) First seen: 2019-11-20
MD5: 0f931cd5ecad5cec3d42a26d9934bd8b SHA-1: 1b747d348106a1b93b12e959f6ea306d858ee8c6 SHA-256: eaa15218d12824c12cb54e98a7ad0a691143a3c081de72e287a1d13e776d55aa
4 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0018

Heuristics 2

  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://www.shipito.com/MailTracking?act=Mailing.click&mailingid=19942&customerid=865195&url=http://go2l.ink/1rna PDF link annotation
    • http://www.monotype.comMonotypeIn PDF document text
    • http://www.monotype.com/html/mtname/ms_arial.htmlhttp://www.monotype.com/html/mtname/ms_welcome.htmlhttp://www.monotype.com/html/type/license.htmlIn PDF document text

Extracted artifacts 2

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_003_off00012704.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x12704 13504 bytes
SHA-256: 3d86527b18492e944a90f74f36e349ff625c7cd6d2b18e248e85d69f6a2b26f6
font_01_sfnt_off00014ce6.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x14CE6 11904 bytes
SHA-256: 40f0b2a0217da973e22c68b7535885d585006ed4bf35fbbbe41a746b714441ee