SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains multiple embedded URLs and a heuristic firing for PDF_URI, all pointing to sites related to hacking or exploiting the Roblox game. The document body, though heavily obfuscated, contains a URL that aligns with the attack pattern. The presence of external URIs suggests an attempt to redirect the user to a malicious resource, likely for credential harvesting or malware delivery.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/how-to-hack-the-northern-frontier-roblox PDF link annotation
- https://www.udivadlahotel.cz/images/roblox-hack-robux-ios.pdfIn PDF document text
- http://www.vktzunami.cz/images/roblox-level-7-script-executor-free.pdfIn PDF document text
- http://axia-verlag.at/images/how-to-hack-buildermans-password-on-roblox.pdfIn PDF document text
- http://eltisstudio.sk/images/c-rex-hack-roblox.pdfIn PDF document text
- http://www.art-concept.gr/images/how-to-get-free-hair-in-roblox-2021.pdfIn PDF document text
- http://fairwaygolftravel.co.uk/images/youtube-how-to-hack-acounts-on-roblox.pdfIn PDF document text
- http://www.pcclawyers.com.au/images/roblox-hacks-executor.pdfIn PDF document text
- http://belagrogen.by/images/games-cheat-engine-works-roblox.pdfIn PDF document text
- http://hemmet-strand.dk/images/bloxburg-house-builders-free-roblox.pdfIn PDF document text
- http://autismoalbacete.org/images/roblox-chat-picture-hack.pdfIn PDF document text
- http://prodent.com.ua/images/roblox-free-cape-catalog.pdfIn PDF document text
- http://canadatowers.com/images/how-to-do-the-sex-hack-on-roblox.pdfIn PDF document text
- https://www.mrsz.ir/images/roblox-how-to-get-offsale-items-for-free.pdfIn PDF document text
- http://halitbayramoglu.com.tr/images/go-to-this-website-for-free-robux.pdfIn PDF document text
- http://racunari.in.rs/images/jailbreak-hacks-on-roblox.pdfIn PDF document text
- http://ferienwohnung-walker.de/images/v3rmillion-roblox-free-nuke.pdfIn PDF document text
- https://ambarevleri.com/images/free-robux-sign-for-homeless.pdfIn PDF document text
- http://xn--59-6kcusgqlmfgen3m.xn--p1ai/images/robux-hack-pc-2021.pdfIn PDF document text
- http://indotec.fr/images/funny-roblox-avatar-ideas-free.pdfIn PDF document text
- http://jackson-pr.com/images/roblox-base-raider-hack.pdfIn PDF document text
- https://www.abrapppe.org.br/images/free-robux-cards-codes-cheating.pdfIn PDF document text
- http://uctovnictvosnv.sk/images/how-to-hack-roblox-accounts-2021-easy.pdfIn PDF document text
- http://nevesomost.by/images/free-robux-no-human-verification-2021-no-download.pdfIn PDF document text
- http://www.rezbb.sk/images/ninja-simulator-roblox-cheats-for-xbox.pdfIn PDF document text
- https://eleganceautospa.ca/images/pastebincom-free-20b-robux.pdfIn PDF document text
- http://getthelook-bkk.com/images/roblox-studio-app-free.pdfIn PDF document text
- http://solidcommunication.ch/images/how-to-speed-hack-with-cheat-engine-roblox.pdfIn PDF document text
- http://www.eurologistiki.gr/images/roblox-no-download-hack.pdfIn PDF document text
- http://wokbaarlo.nl/images/how-to-find-out-who-hack-your-roblox-account-back.pdfIn PDF document text
- https://www.millatgears.com/images/how-to-get-free-coins-in-skywars-roblox.pdfIn PDF document text
- https://www.wildpark-johannismuehle.de/images/youtube-roblox-free-robux-2021.pdfIn PDF document text
- https://gafaseo.com/images/how-to-get-free-robux-on-apple-phone.pdfIn PDF document text
- http://gops.pruszczgdanski.pl/images/how-to-use-snowlords-roblox-hacks.pdfIn PDF document text
- http://evp-sanorlenok.ru/images/cheat-roblox-lumber-tycoon-2-engine.pdfIn PDF document text
- https://www.lavigny.ch/images/roblox-free-play-bloxburg.pdfIn PDF document text
- http://brusivojimi.com/images/roblox-jailbreak-gui-hack.pdfIn PDF document text
- https://www.dierenartsberghman.be/images/robux-hacks-no-human-verification-or-survey.pdfIn PDF document text
- https://www.sitiwebjoomla.it/images/free-gray-pants-roblox.pdfIn PDF document text
- https://amatq.ca/images/how-to-get-free-robux-without-gift-cards.pdfIn PDF document text
- http://www.art-concept.gr/images/get-free-robux-5uecom.pdfIn PDF document text
- http://internetdeputy.com/images/free-robux-super-easy.pdfIn PDF document text
- http://www.torvet11.dk/images/roblox-those-who-remain-hack.pdfIn PDF document text
- http://www.brtes.com/images/roblox-blotch-shikai-hack-script.pdfIn PDF document text
- https://www.audipec.com.br/images/wich-are-the-best-free-level-7-exploits-for-roblox.pdfIn PDF document text
- http://www.lionel-seppoloni.fr/images/tp-hacks-for-roblox.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/how-to-hack-someones-roblox-account-with-link.pdfIn PDF document text
- http://www.gravel.ru/images/how-to-hacka-roblox-game.pdfIn PDF document text
- http://www.agri-tech.com.au/images/how-to-cheat-in-dungeon-quest-roblox.pdfIn PDF document text
- http://jackson-pr.com/images/roblox-cheat-dll.pdfIn PDF document text
+18 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008302.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8302 | 26056 bytes |
SHA-256: 08047815bc3fd301f05fd5ca74ba7dafd181e3b469bc6a4363e540c9ebb92104 |
|||
font_01_sfnt_off0000be26.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBE26 | 18436 bytes |
SHA-256: 86cb0f8b74ef29bae6a2603752a299459c5b1db40b7275a53ccac9f70838494d |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.