Malicious PDF — malware analysis report

Static analysis result for SHA-256 f995db5ffd8eddb1…

MALICIOUS

PDF

122.9 KB Created: 2022-07-16 22:07:55 +00:00 Authoring application: gavlean (via PDF Master 1.0.1) First seen: 2026-06-14
MD5: 9ec1bd3564eeb08f69b60adb262a9f89 SHA-1: 256308e4f34251a36eeb3d53edb29869271aadd6 SHA-256: f995db5ffd8eddb1a07cc9019bacdcb20107663a136ec5e91dcb3a3b30f4fec6
94 Risk Score

Machine Learning

  • Nyx PDF Classifier clean score 0.0006

Heuristics 4

  • Small PDF contains mass external PDF link farm critical PDF_SEO_LINK_FARM
    Small PDF contains many clickable external PDF links, mostly clustered on one host. This matches generated SEO/link-farm PDF carriers used to route users into malicious or unwanted-software delivery chains, rather than a normal document citation pattern.
  • PDF link farm advertises cracked/pirated software medium PDF_CRACKED_SOFTWARE_LURE
    PDF contains many clickable links whose targets use cracked-software, keygen, serial-key, or warez vocabulary. These are SEO-spam lure documents that rank for software-piracy searches and route users to fake 'crack' download pages distributing potentially-unwanted programs, adware, or droppers. The PDF itself carries no exploit — the risk is the linked destinations.
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://dormister.com/?brightside=waterzooi&disagreeing=ZG93bmxvYWR8QTRmYjNWNGZId3hOalU0TURBMk5qazVmSHd5TlRrd2ZId29UU2tnVjI5eVpIQnlaWE56SUZ0WVRVeFNVRU1nVmpJZ1VFUkdYUQ&crones=medicaid&cGxhc21hY2FtIGRlc2lnbiBlZGdlIGNyYWNrIDUwcGx=peddle PDF link annotation
    • http://barleysante.com/?p=15587In PDF document text
    • http://eastleeds.online/wp-content/uploads/2022/07/grabert.pdfIn PDF document text
    • https://tgmcn.com/easygifanimator5proportabledownloadpc-patched/In PDF document text
    • https://www.nooganightlife.com/wp-content/uploads/2022/07/TuneUp_Utilities_2013_With_Crack_100_Working_LINK_Download.pdfIn PDF document text
    • http://epicphotosbyjohn.com/?p=27402In PDF document text
    • https://r-posts.com/wp-content/uploads/2022/07/reanida.pdfIn PDF document text
    • https://www.the-fox.it/2022/07/16/plagiarism-detector-software-crack-keygen-exclusive/In PDF document text
    • https://lyricsandtunes.com/2022/07/16/spss-11-5-full-64bit-mediafire-free-__top__/In PDF document text
    • http://kievcasting.actor/wp-content/uploads/2022/07/CRACK_Power_Data_Recovery_412_With_Keygen_UPD.pdfIn PDF document text
    • https://heidylu.com/refog-free-keylogger-6-2-3-crack-42-upd/In PDF document text
    • https://progressivehealthcareindia.com/2022/07/16/ic-27-health-insurance-pdf-download-new-infos-wheel-encyclop/In PDF document text
    • https://lifedreamsorganizer.com/wp-content/uploads/2022/07/Simatic_Wincc_Flexible_2008_sp2_Crack_License.pdfIn PDF document text
    • https://topgiftsforgirls.com/la-que-se-avecina-7x06-720p-or-1080p/In PDF document text
    • https://www.valenciacfacademyitaly.com/wp-content/uploads/2022/07/naruto_final_fight_source_byond.pdfIn PDF document text
    • http://www.danielecagnazzo.com/?p=40483In PDF document text
    • https://bodhibliss.org/mr-majnu-eng-sub-720p-hd-moviel/In PDF document text
    • https://ccptwo.com/?p=26184In PDF document text
    • https://www.mozideals.com/advert/google-maps-6-11-1-apk-download-upd-world-navigation-activated/In PDF document text
    • https://www.dancesocksbcn.com/advert/allplayer-8-8-portable-exclusive/In PDF document text
    • https://thecluelesscoffee.com/wp-content/uploads/2022/07/gabeotay.pdfIn PDF document text
    • https://www.nooganightlife.com/wp-In PDF document text
    • http://kievcasting.actor/wp-In PDF document text
    • https://progressivehealthcareindia.com/2022/07/16/ic-27-health-insurance-pdf-download-new-infos-In PDF document text
    • https://lifedreamsorganizer.com/wp-In PDF document text
    • https://www.valenciacfacademyitaly.com/wp-In PDF document text
    • https://www.mozideals.com/advert/google-maps-6-11-1-apk-download-upd-world-navigation-In PDF document text
    • http://kievcasting.actor/wp-content/uploads/2022/07/crack_power_data_recovery_412_with_keygen_upd.pdfIn PDF document text
    • http://www.tcpdf.orgIn PDF document text
    • http://www.w3.org/1999/02/22-rdf-syntax-ns#In PDF document text
    • http://purl.org/dc/elements/1.1/In PDF document text
    • http://ns.adobe.com/xap/1.0/In PDF document text
    • http://ns.adobe.com/pdf/1.3/In PDF document text
    • http://ns.adobe.com/xap/1.0/mm/In PDF document text
    • http://www.aiim.org/pdfa/ns/extension/In PDF document text
    • http://www.aiim.org/pdfa/ns/schema#In PDF document text
    • http://www.aiim.org/pdfa/ns/property#In PDF document text
    • http://www.aiim.org/pdfa/ns/id/In PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.