SUSPICIOUS
50
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
This PDF document was flagged as suspicious by an ML classifier. It uses an urgency-based lure. The file presents a deceptive download button. Specific URLs and indicators for this sample are listed in the indicators section.
Machine Learning
- Nyx PDF Classifier malicious score 0.7795
Heuristics 4
-
Urgency / deadline lure low SE_URGENCY_LUREDocument contains urgency or deadline language ('account will be terminated', 'action required within 24 hours', etc.) — useful context, but low-signal without other findings
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/but-link-says-free-robux-walter PDF link annotation
- https://meltonschool.org/images/roblox-free-accounts-may-2021.pdfIn PDF document text
- http://j-cook.pro/images/yt-comment-hack-roblox.pdfIn PDF document text
- http://abletrustcare.com/images/free-robux-generator-download-2021.pdfIn PDF document text
- http://stitchingart.com/images/free-robux-game-that-showed-on-roblox.pdfIn PDF document text
- http://dottgagliardi.com/images/syntetisia-roblox-hack.pdfIn PDF document text
- http://www.bbnest.it/images/how-to-hack-roblox-pc-2021.pdfIn PDF document text
- http://kruiz21.ru/images/how-can-i-free-robux-on-roblox-games.pdfIn PDF document text
- https://uofk.edu/images/robux-free-card-codes-2021.pdfIn PDF document text
- http://serviio.org/images/how-to-recove-hacked-account-roblox.pdfIn PDF document text
- https://www.fhccu.com/images/roblox-outfits-free.pdfIn PDF document text
- http://salantiskis.lt/images/best-roblox-games-to-hack-on.pdfIn PDF document text
- http://www.agri-tech.com.au/images/admin-hack-roblox-2021.pdfIn PDF document text
- http://www.isril.it/images/2021-roblox-accounts-free.pdfIn PDF document text
- http://www.remiauclair.fr/images/how-to-get-free-robux-on-a-ipad-2021.pdfIn PDF document text
- https://roberto-gac.com/images/how-to-get-free-robux-hack-generator.pdfIn PDF document text
- http://kulturhusbabberich.nl/images/earn-free-robux-hack.pdfIn PDF document text
- http://www.brtes.com/images/how-to-get-free-robux-n-roblox.pdfIn PDF document text
- https://www.beaufortcollege.ie/images/odyssey-roblox-hacks.pdfIn PDF document text
- https://tokunfome.com.br/images/roblox-currency-hack-lua-script.pdfIn PDF document text
- http://asiashop-france.fr/images/nico-hacker-2-parte-de-roblox.pdfIn PDF document text
- https://www.elevage-chiot.fr/images/how-to-get-free-robux-and-free-catalog.pdfIn PDF document text
- http://kcpb51.ru/images/free-roblox-admin-comand.pdfIn PDF document text
- http://evro-okna.net/images/roblox-10-dollar-gift-card-free.pdfIn PDF document text
- https://farmaciadelbivio.it/images/hacks-para-jailbreak-roblox-2021.pdfIn PDF document text
- http://garrisonjazz.com/images/how-to-get-free-clothes-on-roblox-without-creating.pdfIn PDF document text
- http://unionmusicaldebenidorm.com/images/free-roblox-dll-injector.pdfIn PDF document text
- http://indotec.fr/images/hack-robux-site-robloxcom.pdfIn PDF document text
- http://schrichte.de/images/gun-hack-roblox-pastebin.pdfIn PDF document text
- http://museumkk.ru/images/roblox-what-do-you-do-when-your-account-gets-hacked.pdfIn PDF document text
- https://www.ghknights.org/images/free-roblox-exploits-2021.pdfIn PDF document text
- http://jdlrelocation.com/images/hack-de-roblox-lumber-tycoon-2.pdfIn PDF document text
- http://ilcommercialista.info/images/roblox-hack-smurf-backpack.pdfIn PDF document text
- http://dennemaat.nl/images/roblox-new-have-county-hack.pdfIn PDF document text
- http://citycare.pt/images/how-do-you-get-free-roblox-clothes.pdfIn PDF document text
- https://www.fenews.co.uk/images/tbc-oil-platform-roblox-free-download.pdfIn PDF document text
- http://www.fluidtech.hu/images/free-robux-limiteds-comlu-com.pdfIn PDF document text
- http://www.cosver.nl/images/vibe-train-roblox-hack.pdfIn PDF document text
- http://moralcenter.or.th/images/how-to-hack-robux-on-pc-2021.pdfIn PDF document text
- http://seniornetwanganui.org.nz/images/cmo-conseguir-free-robux-generator-2021-100.pdfIn PDF document text
- http://www.mediaxin.net/images/free-robux-generator-no-human-verification-or-download.pdfIn PDF document text
- http://centuriatus.com/images/logo-roblox-hack.pdfIn PDF document text
- http://archi-z.ru/images/roblox-hack-bars-2021.pdfIn PDF document text
- http://pourvosvacances.com/images/free-robux-codes-rewview.pdfIn PDF document text
- http://ohsawamacrobiotics.com/images/get-free-robux-with-synapse.pdfIn PDF document text
- https://www.nema.go.ke/images/how-to-get-free-robux-easy-and-fast-2021.pdfIn PDF document text
- https://www.hotschool.com.au/images/roblox-obc-hack-2021.pdfIn PDF document text
- http://poltekkeskhjogja.ac.id/images/roblox-bloxburg-house-builders-free.pdfIn PDF document text
- http://arthakranti.org/images/hack-assassin-roblox.pdfIn PDF document text
- http://bilhetim.com.br/images/awesome-roblox-hacks.pdfIn PDF document text
+12 more URL(s)
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008178.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8178 | 26976 bytes |
SHA-256: 7981f6fdecff0c1cb55a25cb55ac047c867b81bfe7bb10b02a345430a85156bd |
|||
font_01_sfnt_off0000bf10.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBF10 | 18672 bytes |
SHA-256: eaaf25b0ad1f7d16e86a72f02ab9e980ed1a2b7f94c51f6f2730b24b23ceedf3 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.