PDF static analysis report

Static analysis result for SHA-256 f3730019d5e1e7d8…

CLEAN

PDF

55.1 KB Created: 2018-09-02 20:31:42 +02:00 Authoring application: wkhtmltopdf 0.12.5 (via Qt 4.8.7) First seen: 2019-01-31
MD5: 576648787a451e6a263c75910a4aaeb3 SHA-1: 1a9dccc2b73b873c3ffcb831cbdde8001460a01a SHA-256: f3730019d5e1e7d8f83828c60c5b0ded971a577d01b3780f5e88bcfaa10a02a5
4 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0158

Heuristics 2

  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL https://epl.paypal-communication.com/H/2/v40000016251ef26d8a00c35f4bbcfb648/ab01d66a-6439-4afb-a196-7e632354fa24/HTML PDF link annotation
    • https://epl.paypal-communication.com/T/v40000016251ef26d8a00c35f4bbcfb648/ab01d66a64394afb0000021ef3a0bcc7/ab01d66a-6439-4afb-a196-7e632354fa24In PDF document text
    • http://1337.lu/u11In PDF document text
    • https://12a.eu/2sIn PDF document text
    • https://epl.paypal-communication.com/T/v40000016251ef26d8a00c35f4bbcfb648/ab01d66a64394afb0000021ef3a0bccb/ab01d66a-6439-4afb-a196-7e632354fa24In PDF document text
    • https://epl.paypal-communication.com/T/v40000016251ef26d8a00c35f4bbcfb648/ab01d66a64394afb0000021ef3a0bccc/ab01d66a-6439-4afb-a196-7e632354fa24In PDF document text
    • https://epl.paypal-communication.com/T/v40000016251ef26d8a00c35f4bbcfb648/ab01d66a64394afb0000021ef3a0bccd/ab01d66a-6439-4afb-a196-7e632354fa24In PDF document text
    • http://www.monotype.comMonotypeIn PDF document text
    • http://www.monotype.com/html/mtname/ms_arial.htmlhttp://www.monotype.com/html/mtname/ms_welcome.htmlhttp://www.monotype.com/html/type/license.htmlIn PDF document text
    • http://dejavu.sourceforge.netIn PDF document text
    • http://dejavu.sourceforge.net/wiki/index.php/LicenseIn PDF document text

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
font_00_sfnt_off000086f8.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x86F8 13232 bytes
SHA-256: 9f5330c1ad0ff962de9ea16c43c7efe83082ee012b13a383372a6267b1ff0939
font_01_sfnt_off0000ac8b.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xAC8B 9432 bytes
SHA-256: 73afe5217b88977bafb8bb175a9527e09f868fbcb34547378472877d71a6f319
font_02_sfnt_off0000c3a9.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC3A9 16204 bytes
SHA-256: cfba7e0f1c01da90c2efa4dbd7b8ac40191a7ec1513db8c001e1b23a85a5cd32