CLEAN
20
Risk Score
Machine Learning
- Nyx PDF Classifier clean score 0.0001
Heuristics 1
-
Callback phishing phone lure medium SE_CALLBACK_LUREDocument asks the user to call a phone number in billing, refund, subscription, fraud, or security context — consistent with callback phishing or tech-support scam patterns. Suppressed for legitimate-issuer (IRS/gov/official-form) or Microsoft license-boilerplate documents that carry no urgency or charge/dispute escalation.
Extracted artifacts 5
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_021_off00036f61.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x36F61 | 151112 bytes |
SHA-256: b444e3c363fb3ea3f91a9f92671832dcbb908f8daaaef91eadc95a22a86f6882 |
|||
font_00_sfnt_off00031e21.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x31E21 | 127396 bytes |
SHA-256: 40b45acd1970738a3f16e0a03a1fb0430cc62b579a887b86297ca7ca75bb307d |
|||
font_02_sfnt_off0003ffc4.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3FFC4 | 217340 bytes |
SHA-256: 94e96ca5dcf0707727b48752fdd01a4cb343919f3b48cba95a6cbc0d6d0c748e |
|||
font_03_sfnt_off00040ee5.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x40EE5 | 50400 bytes |
SHA-256: 3933f0a171d2e1d52238afd1697f635a25c78debe3762eae68e9de3aebda16b8 |
|||
font_04_sfnt_off00042987.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x42987 | 11592 bytes |
SHA-256: f843cfcc140ebfecb3cc558d96ce63afdbdde41a36e4ab00e344fe1315071c2b |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.