SUSPICIOUS
Risk Score: 42
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains a clear lure for free Robux, directing users to the URL 'http://gaminggenerator.org/app/431946152/how-to-get-free-robux-aiden'. The ML classifier also flagged this PDF as malicious. While no scripts were explicitly extracted, the presence of embedded URLs and the document's theme suggest a phishing or scam attempt, likely intended to lead to further malicious activity.
Machine Learning
- Nyx PDF Classifier malicious score 0.8328
Heuristics 3
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.); low-signal unless other findings point to a malicious workflow
- External URI (info, PDF_URI): PDF contains an external URL action
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection; see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  - URL: http://gaminggenerator.org/app/431946152/how-to-get-free-robux-aiden (PDF link annotation)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| font_00_sfnt_off00004479.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x4479 | 22988 bytes | 6e3f42df00c61131ce3ac1f2ac3a808068e808f3f462a8b29ed7da4f528e5474 |
| font_01_sfnt_off000077c9.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x77C9 | 3884 bytes | 40b61f8938bd710dc29dc58ba3fde91c245a6a69596ec569b4d27c769ca417cf |
| font_02_sfnt_off00008470.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0x8470 | 17968 bytes | 9a8f756a68ca3ce091df0bb3c6c1a39e6a414cf5b4145c9194594a15f8f91321 |