SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains numerous links and text related to obtaining free items or cheats for the game Roblox. The presence of a high-confidence ML classifier firing and an embedded external URI strongly suggests malicious intent. The document likely serves as a lure to direct users to potentially malicious websites, as indicated by the numerous extracted URLs.
Machine Learning
- Nyx PDF Classifier malicious score 0.9434
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/roblox-how-to-get-the-animal-hoodies-free PDF link annotation
- https://verdensbarn.no/images/wwwcheatsgurucom-pc-roblox-cheats-codes.pdfIn PDF document text
- http://salantiskis.lt/images/how-to-get-games-free-roblox.pdfIn PDF document text
- https://reggieslockandkey.com/images/free-monster-parts-roblox.pdfIn PDF document text
- http://www.inservis.cl/images/pastebin-roblox-items-free.pdfIn PDF document text
- https://www.stkdb.cz/images/roblox-vehicle-simulater-hacks.pdfIn PDF document text
- https://www.tsdb.com.au/images/dayz-roblox-hack.pdfIn PDF document text
- https://www.cnte.org.br/images/how-to-get-free-robux-on-roblox-no-scam-2021.pdfIn PDF document text
- http://pa-tanjungselor.go.id/images/more-free-roblox-jailbreak-vip-servers-link-desc.pdfIn PDF document text
- http://ff-obertraun.at/images/blocks-of-war-free-robux.pdfIn PDF document text
- https://www.elevage-chiot.fr/images/roblox-hack-robux-download-2021.pdfIn PDF document text
- http://www.drent.se/images/hack-song-id-roblox-2021.pdfIn PDF document text
- https://verdensbarn.no/images/roblox-pinewood-points-hack.pdfIn PDF document text
- https://esl.ipb.ac.id/images/free-robux-no-scam-no-human-verification-2021.pdfIn PDF document text
- https://www.milewood.co.uk/images/hack-strucid-roblox-aimbot.pdfIn PDF document text
- http://uctovnictvosnv.sk/images/free-robux-on-chromebook.pdfIn PDF document text
- https://www.beaufortcollege.ie/images/this-roblox-game-gives-you-free-robux.pdfIn PDF document text
- http://nosocomium.rv.ua/images/how-to-get-free-legit-working-robux.pdfIn PDF document text
- http://www.pcclawyers.com.au/images/get-free-animation-roblox.pdfIn PDF document text
- http://www.pcclawyers.com.au/images/roblox-how-to-get-tge-free-trial-trial-bc.pdfIn PDF document text
- http://nosocomium.rv.ua/images/real-robux-hack-pastebin.pdfIn PDF document text
- http://www.vktzunami.cz/images/free-brighton-and-hove-buses-roblox.pdfIn PDF document text
- https://www.ghknights.org/images/roblox-hacks-commands.pdfIn PDF document text
- https://www.lomrad.go.th/images/roblox-admin-commands-hack.pdfIn PDF document text
- http://www.actae.gr/images/dll-files-hack-for-roblox-vehicle-simulator-2021.pdfIn PDF document text
- http://www.lycee-langevin-wallon.com/images/roblox-hack-after-update-1608.pdfIn PDF document text
- http://www.fluidtech.hu/images/roblox-one-piece-millenium-stats-hack-script.pdfIn PDF document text
- http://www.anies.eu/images/how-to-earn-free-robux.pdfIn PDF document text
- https://www.udivadlahotel.cz/images/roblox-free-games-login.pdfIn PDF document text
- http://www.copoint.co.uk/images/rexgg-free-robux.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/script-executor-roblox-free.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/roblox-free-alts.pdfIn PDF document text
- http://echosvoix.ch/images/claimrbx-com-free-robux.pdfIn PDF document text
- https://www.hbproducts.dk/images/cheat-codes-for-roblox-2021-ro-city.pdfIn PDF document text
- https://www.tsdb.com.au/images/fly-hacks-on-roblox.pdfIn PDF document text
- http://www.visiblefilm.com/images/free-cool-tshirt-roblox.pdfIn PDF document text
- http://sscclc.edu.ec/images/hack-robux-with-inspect.pdfIn PDF document text
- http://www.agri-tech.com.au/images/https-wwwrobloxcom-games-2021202196-freeubersummerrewards.pdfIn PDF document text
- https://crank.ee/images/free-adopt-me-promo-codes-roblox.pdfIn PDF document text
- http://hemmet-strand.dk/images/como-ser-um-hacker-de-roblox-iniciante-no-pc.pdfIn PDF document text
- http://ns1.radiofacil.net/images/hacks-for-counter-blox-roblox-offensive.pdfIn PDF document text
- http://www.exikom.com.ua/images/how-to-get-free-robux-without-hacking-on-ipad.pdfIn PDF document text
- http://www.nielsen2u.dk/images/roblox-hacker-arrested.pdfIn PDF document text
- http://www.malonmalon.com.ar/images/hack-richest-roblox-account.pdfIn PDF document text
- http://zarinnameh.ir/images/roblox-speed-hack-feb-10.pdfIn PDF document text
- https://www.air-shop.cz/images/roblox-best-free-exploits.pdfIn PDF document text
- http://sscclc.edu.ec/images/roblox-awesome-parodies-how-to-get-free-robux-on-ipad.pdfIn PDF document text
- http://agrao.in/images/project-delta-roblox-cheats.pdfIn PDF document text
- http://bkd1.balikpapan.go.id/images/critical-strike-roblox-free-gamepass.pdfIn PDF document text
- http://zarinnameh.ir/images/roblox-best-free-t-shirts.pdfIn PDF document text
+2 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00005700.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x5700 | 23216 bytes |
SHA-256: a888a8f2b24dc461603363d5c15855240d1a1334324b6a2ec97c611cb3dff159 |
|||
font_01_sfnt_off00008a97.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x8A97 | 18748 bytes |
SHA-256: eee16065d11fa3d9a4d93f3ae7294499b8dd5616dd2af23eb95c56f0a58e4dc0 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.