PDF static analysis report

Static analysis result for SHA-256 0cbe5f2b85ae8782…

CLEAN

PDF

65.0 KB Created: 2021-04-02 07:59:29 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-22
MD5: 4b2c8b436430eaeca5649e8a1d3d21cf SHA-1: ea2eee0a867aabd2a9ce02f5e3b4fcb451c18019 SHA-256: 0cbe5f2b85ae8782ab378b1583c3e3f471a83dea95aab5d00878e56560aa2c22
12 Risk Score

Machine Learning

  • Nyx PDF Classifier suspicious score 0.2983

Heuristics 3

  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/roblox-lego-hack-2021 PDF link annotation
    • http://www.hawler.in/images/roblox-redeem-code-free-2021.pdfIn PDF document text
    • http://www.web.stc-part.co.th/images/hack-menu-roblox-jailbreak.pdfIn PDF document text
    • https://esl.ipb.ac.id/images/how-to-get-free-robux-no-download-2021.pdfIn PDF document text
    • http://www.centrul-mara.ro/images/cheat-codes-for-hoes-roblox-song-id.pdfIn PDF document text
    • https://www.elevage-chiot.fr/images/roblox-how-to-get-obc-for-free-lifetime.pdfIn PDF document text
    • https://technospektr.com.ua/images/how-to-bypass-roblox-with-cheat-engine.pdfIn PDF document text
    • http://www.torrenppontassieve.it/images/how-to-get-free-robux-2021.pdfIn PDF document text
    • http://legs11.co.za/images/how-to-get-robux-for-free-on-roblox-2021.pdfIn PDF document text
    • https://socialvalue.gr/images/hack-coins-roblox-obby.pdfIn PDF document text
    • http://lib.sssu.ru/images/free-robux-giveaway-live-youtube.pdfIn PDF document text
    • http://www.hawler.in/images/free-wearable-hair-roblox.pdfIn PDF document text
    • http://www.exikom.com.ua/images/jeux-de-free-roblox.pdfIn PDF document text
    • https://www.lomrad.go.th/images/greenville-hack-roblox-2021.pdfIn PDF document text
    • http://poltekkeskhjogja.ac.id/images/free-robux-codes-real-2021.pdfIn PDF document text
    • https://www.abrapppe.org.br/images/roblox-how-to-get-free-robux-in-2021.pdfIn PDF document text
    • http://www.diariotermal.com.ar/images/roblox-avatar-creator-free.pdfIn PDF document text
    • http://domaizdereva24.ru/images/roblox-online-free-sign-up.pdfIn PDF document text
    • http://rjkk.ee/images/free-robux-no-human-verification-2021-no-survey.pdfIn PDF document text
    • http://ff-obertraun.at/images/redline-cheat-in-roblox.pdfIn PDF document text
    • http://www.hawler.in/images/how-to-put-a-roblox-hack-in.pdfIn PDF document text
    • http://cosver.eu/images/how-to-free-robux-easy.pdfIn PDF document text
    • http://www.mikramarine.gr/images/how-do-you-hack-roblox-for-robux.pdfIn PDF document text
    • https://www.wildpark-johannismuehle.de/images/dodgeball-roblox-hack.pdfIn PDF document text
    • https://www.sitiwebjoomla.it/images/roblox-dinosaur-simulator-cheat.pdfIn PDF document text
    • https://technospektr.com.ua/images/free-robux-codes-that-r-rel.pdfIn PDF document text
    • http://poltekkeskhjogja.ac.id/images/dracosword-roblox-hacker.pdfIn PDF document text
    • https://amatq.ca/images/hackear-prison-life-roblox-2021-pc.pdfIn PDF document text
    • http://pa-tanjungselor.go.id/images/cbro-roblox-hacks-for-credits.pdfIn PDF document text
    • http://rjkk.ee/images/view-cam-hack-roblox.pdfIn PDF document text
    • http://www.promedica.elk.com.pl/images/roblox-coregui-hack-making.pdfIn PDF document text
    • http://www.diariotermal.com.ar/images/free-robux-so-sick.pdfIn PDF document text
    • https://www.romedia.gr/images/how-2-get-free-robux-working-2021.pdfIn PDF document text
    • http://svp-steinmaur.ch/images/hacks-cbro-roblox.pdfIn PDF document text
    • https://www.lomrad.go.th/images/free-robux-no-information-needed.pdfIn PDF document text
    • http://pa-tanjungselor.go.id/images/redeem-robux-free.pdfIn PDF document text
    • http://www.jureclomas.com.ar/images/free-robux-glitch-december-2021.pdfIn PDF document text
    • http://www.drent.se/images/roblox-hacking-computer-destroyed.pdfIn PDF document text
    • https://www.abrapppe.org.br/images/how-to-hack-robux-on-roblox-mobile.pdfIn PDF document text
    • https://www.albisser.ch/images/2021-roblox-robux-hack.pdfIn PDF document text
    • http://www.htc.edu.au/images/how-to-make-free-robux-2021.pdfIn PDF document text
    • https://www.porthos.it/images/admin-hack-roblox-exploit.pdfIn PDF document text
    • http://www.cosver.nl/images/roblox-robux-generator-best-hack.pdfIn PDF document text
    • http://uptodate.az/images/roblox-popular-hacker.pdfIn PDF document text
    • http://www.tonlesap.gov.kh/images/roblox-free-modeler.pdfIn PDF document text
    • https://www.acbc.wa.edu.au/images/free-roblox-account-email-and-password.pdfIn PDF document text
    • http://www.roumlouki.gr/images/script-whall-hack-roblox.pdfIn PDF document text
    • http://www.rawbluesparis.fr/images/videos-on-how-to-get-free-robux.pdfIn PDF document text
    • http://learningarabic.co.uk/images/growbux-net-free-robux.pdfIn PDF document text
    • http://www.lionel-seppoloni.fr/images/completely-free-robux.pdfIn PDF document text
    +52 more URL(s)

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
stream_005_off00008cd5.bin decompressed-pdf-stream PDF FlateDecoded stream at offset 0x8CD5 29464 bytes
SHA-256: b687bcc9ec3e23796bbc0471b979d13cda5a56143547d0f7174b5b4b09443fae
font_01_sfnt_off0000cc46.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xCC46 2932 bytes
SHA-256: eca297a45fb9923ea28909901551bde8bd16f682c9be11825e41835887623f35
font_02_sfnt_off0000d66e.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xD66E 18088 bytes
SHA-256: d4cae1b840a278792382358792968e9200492cfd40c249f99517ce941ec7cdf2