SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains multiple embedded URLs, with one prominent URL pointing to a site offering 'free Robux' or 'item gratuit dans le catalogue Roblox hacker'. The ML classifier flagged this PDF as malicious, and the presence of external URIs and a visual download lure suggests a phishing or scam attempt. No scripts were extracted, but the overall structure and content indicate a social engineering tactic to redirect users to potentially harmful websites.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/item-gratuit-dans-le-catalogue-roblox-hacker PDF link annotation
- http://androidthai.in.th/images/how-to-get-free-avatar-animations-on-roblox.pdfIn PDF document text
- http://ferienhaus-schmidl.at/images/how-to-get-free-builders-club-on-roblox-ipad.pdfIn PDF document text
- http://www.teapotjewelry.com/images/free-robux-obby-working-2021.pdfIn PDF document text
- https://www.inova-cuisine.fr/images/how-to-get-unlimited-free-robux-on-roblox-2021-1.pdfIn PDF document text
- https://asesoriamss.com/images/roblox-unlimited-robux-cheat.pdfIn PDF document text
- http://brusivojimi.com/images/hacked-via-roblox.pdfIn PDF document text
- http://www.zdravazena.sk/images/free-online-photo-shop-for-roblox.pdfIn PDF document text
- http://www.colma.it/images/roblox-hack-rs-2021.pdfIn PDF document text
- https://bancroftandsons.com/images/how-do-u-hack-into-bases-on-sharpshooter-roblox.pdfIn PDF document text
- https://www.air-shop.cz/images/free-robux-hack-copy-and-paste.pdfIn PDF document text
- http://jdleducation.com/images/free-avatar-in-roblox-2021.pdfIn PDF document text
- http://almacargo.com/images/free-summer-grl-free-roblox-skins.pdfIn PDF document text
- http://autismoalbacete.org/images/how-to-get-hacked-account-back-in-roblox.pdfIn PDF document text
- http://avocatultau.eu/images/creepy-hacker-roblox-face.pdfIn PDF document text
- http://www.drent.se/images/free-gamepasses-roblox-v3rm.pdfIn PDF document text
- http://posterprintshop.nl/images/free-item-roblox-pastebin.pdfIn PDF document text
- http://www.anies.eu/images/how-to-script-hack-roblox.pdfIn PDF document text
- http://www.brtes.com/images/robuxkingz-ml-free-robux.pdfIn PDF document text
- http://www.lionel-seppoloni.fr/images/free-robux-services.pdfIn PDF document text
- https://arcasict.nl/images/robux-hack-joining-groups.pdfIn PDF document text
- http://cmfd.nl/images/youtube-roblox-cheat-engine-arcane-adventures.pdfIn PDF document text
- http://mebliok.com.ua/images/how-to-get-promo-codes-robux-free.pdfIn PDF document text
- http://www.guidaturisticaverona.it/images/bloxburg-roblox-free-money.pdfIn PDF document text
- http://lechia-sedziszow.pl/images/how-to-get-free-robux-without-hacking-2021.pdfIn PDF document text
- http://shootawayproduction.com/images/boku-no-roblox-hack-legendary-quirks.pdfIn PDF document text
- https://www.eglihotel.gr/images/free-robux-codes-2021-no-survey.pdfIn PDF document text
- http://www.e-lysis.com/images/roblox-dll-hack-352021.pdfIn PDF document text
- http://solidkom.ch/images/how-to-hack-roblox-accounts-with-edit-this-cookie-2021.pdfIn PDF document text
- http://ottawavalleykitchens.ca/images/how-to-get-free-items-in-roblox-no-pastebin.pdfIn PDF document text
- http://seniornetwanganui.org.nz/images/free-robux-promo.pdfIn PDF document text
- https://bgescc.com/images/earn-free-robux-robloxwin.pdfIn PDF document text
- http://leigraphics.com/images/username-and-password-roblox-free.pdfIn PDF document text
- http://vedrachemicals.ro/images/how-to-hack-in-robux-ez.pdfIn PDF document text
- http://bwharrisalumniusa.org/images/free-robux-v3rmillion.pdfIn PDF document text
- http://boliviagasenergia.com/images/teleport-roblox-jilbreak-hack.pdfIn PDF document text
- http://nalmpantistractors.gr/images/roblox-vehicle-simulator-money-hack-2021.pdfIn PDF document text
- http://batterikungen.se/images/how-to-complete-a-survey-to-get-free-robux.pdfIn PDF document text
- http://ce-tsv-nantes.fr/images/cheat-roblox-vehicle-simulator.pdfIn PDF document text
- http://a1scan3d.com/images/free-robux-generator-2021-no-survey-or-human-verification.pdfIn PDF document text
- https://gabrieliassociati.com/images/how-to-hack-roblox-using-dll.pdfIn PDF document text
- http://legs11.co.za/images/roblox-free-robux-glitch-2021.pdfIn PDF document text
- https://www.ferienhausdirektkroatien.de/images/free-robux-promo-codes-2021-not-expired.pdfIn PDF document text
- http://shahriyarclimb.com/images/roblox-god-mode-hack.pdfIn PDF document text
- http://cosver.eu/images/roblox-hack-working-2021.pdfIn PDF document text
- http://www.cosver.nl/images/roblox-dick-hack.pdfIn PDF document text
- http://pizzeria-rosso.pl/images/how-to-be-hacker-on-roblox.pdfIn PDF document text
- http://www.lycee-langevin-wallon.com/images/car-dealership-tycoon-roblox-hack-script-inf-money.pdfIn PDF document text
- https://www.hotel-forsthaus.com/images/roblox-hacks-2021-level-7.pdfIn PDF document text
- http://ernstgloves.co.il/images/games-on-roblox-that-will-give-u-free-hat-youtubecom.pdfIn PDF document text
+15 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off0000823c.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x823C | 27512 bytes |
SHA-256: 232602df7b316719c7e7c194317d75e6655b743d890b96da6f91c6b031d140cd |
|||
font_01_sfnt_off0000bff7.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBFF7 | 18988 bytes |
SHA-256: 0374f78dfc0aa150e10478958cb35b3debc89fe76cc67c88963e46f91374a7db |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.