PDF static analysis report

Static analysis result for SHA-256 245daaad3ef8d39a…

CLEAN

PDF

62.9 KB Created: 2021-04-05 23:09:43 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2021-09-25
MD5: 2d02180975e429fb1c76d5772ee34c1f SHA-1: bc2d3f927943b27204efffea9cc15a6186e1a07a SHA-256: 245daaad3ef8d39a7faf40b299b9cfa423f19010e875841125237df5174dc9d9
12 Risk Score

Machine Learning

  • Nyx PDF Classifier suspicious score 0.4394

Heuristics 3

  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/how-to-sell-a-clothes-roblox-free PDF link annotation
    • http://www.torvet11.dk/images/is-hacking-someone-roblox-account-and-transferring-their-robux-illegal.pdfIn PDF document text
    • http://www.copoint.co.uk/images/how-to-get-free-robux-no-hack-2021.pdfIn PDF document text
    • http://awakeningtruth.org/images/free-cracked-roblox-places.pdfIn PDF document text
    • http://salantiskis.lt/images/roblox-one-piece-millenium-stats-hack-script.pdfIn PDF document text
    • https://amatq.ca/images/how-to-create-good-skin-free-in-roblox.pdfIn PDF document text
    • https://www.hotschool.com.au/images/how-to-make-clothes-on-roblox-free.pdfIn PDF document text
    • https://www.alu-as.cz/images/how-to-hack-robux-without-human-verification.pdfIn PDF document text
    • http://scarlier.fr/images/free-robux-obby-on-roblox.pdfIn PDF document text
    • http://kita-sunshine.de/images/cheat-codes-for-roblox-skywars-how-do-u-get-costumes.pdfIn PDF document text
    • http://www.lascalamilanowallcovering.it/images/unlimited-robux-hack-add.pdfIn PDF document text
    • https://www.ncscolour.no/images/roblox-how-to-get-free-robux-on-ipad-2021.pdfIn PDF document text
    • https://www.porthos.it/images/ive-been-hacked-on-roblox-what-now.pdfIn PDF document text
    • http://grazianolangone.it/images/how-to-et-free-robux-april-2021-pc.pdfIn PDF document text
    • http://a1scan3d.com/images/roblox-saob-hack.pdfIn PDF document text
    • http://www.pcclawyers.com.au/images/roblox-how-to-get-free-robux-and-obc.pdfIn PDF document text
    • http://echosvoix.ch/images/roblox-free-codes-generator-no-surverys.pdfIn PDF document text
    • http://www.fluidtech.hu/images/hack-robar-cuentas-de-roblox-2021-akaka.pdfIn PDF document text
    • http://kermas.eu/images/admin-roblox-hack-2021.pdfIn PDF document text
    • http://escolaarboc.cat/images/can-you-get-robux-for-free-froom-roblox-hames.pdfIn PDF document text
    • http://cleanteclogistics.com/images/mobile-hack-net-roblox.pdfIn PDF document text
    • http://biccairo.com/images/how-to-get-free-robux-2021-no-surver.pdfIn PDF document text
    • http://nosocomium.rv.ua/images/roblox-free-rich-accounts.pdfIn PDF document text
    • http://sbm-nn.ru/images/roblox-admin-panel-robux-hack.pdfIn PDF document text
    • http://vipservice-bg.com/images/does-zyz-ork-to-ge-free-robux.pdfIn PDF document text
    • http://edelektronarzedzia.pl/images/comment-telecharger-un-logiciel-de-hack-dur-roblox.pdfIn PDF document text
    • http://kruiz21.ru/images/steal-roblox-game-using-cheat-engine.pdfIn PDF document text
    • http://finalstand.org/images/como-descargar-roblox-hackeado-para-android-2021.pdfIn PDF document text
    • http://www.campiresine.it/images/roblox-dress-free-shipping.pdfIn PDF document text
    • https://sitam.co.in/images/free-robux-xbox-one-2021.pdfIn PDF document text
    • http://www.occquimica.com.br/images/free-roblox-admin-exploit.pdfIn PDF document text
    • http://columbuscigar.com/images/hacks-for-roblox-tower-battles.pdfIn PDF document text
    • http://the-specials.ch/images/roblox-hack-animation.pdfIn PDF document text
    • http://www.bernerpupping.at/images/free-robux-eoblox-fiddler.pdfIn PDF document text
    • http://xn-----clcdhzcbmgnochhb1boe1a6b.xn--p1ai/images/free-robux-no-human-verification-no-offers-generator.pdfIn PDF document text
    • http://piadaandco.it/images/el-mejor-video-de-hack-robux.pdfIn PDF document text
    • http://bilhetim.com.br/images/pastebin-roblox-free-robux-2021.pdfIn PDF document text
    • http://sandra-masemann.de/images/hack-roblox-now.pdfIn PDF document text
    • https://www.lavigny.ch/images/roblox-obby-gives-free-robux.pdfIn PDF document text
    • http://wattkit.com/images/hack-2021-roblox.pdfIn PDF document text
    • https://www.dierenartsberghman.be/images/roblox4allcool-hack-team.pdfIn PDF document text
    • https://shimony.net/images/roblox-free-iland-royal.pdfIn PDF document text
    • https://amatq.ca/images/hack-de-robux-2021-julio.pdfIn PDF document text
    • https://www.hotschool.com.au/images/free-gamepass-roblox.pdfIn PDF document text
    • https://www.tsdb.com.au/images/broken-bones-roblox-hack.pdfIn PDF document text
    • http://pasqualeferorelli.it/images/get-free-robux-game.pdfIn PDF document text
    • http://ecoleduchat-grenoble.fr/images/free-robux-no-download-or-human-verification.pdfIn PDF document text
    • http://shootawayproduction.com/images/roblox-ben-10-universal-showdown-cheats-codes-2021.pdfIn PDF document text
    • http://pourvosvacances.com/images/banning-hacks-for-khols-admin-house-roblox.pdfIn PDF document text
    • http://www.mjclautrec.fr/images/roblox-master-hand-hack.pdfIn PDF document text
    +14 more URL(s)

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
font_00_sfnt_off00008692.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x8692 29332 bytes
SHA-256: 19888f3268708c451a64fe642f73c299f25f5d6db793f221dd026ccfa7359dd1
font_01_sfnt_off0000c83b.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC83B 3376 bytes
SHA-256: 568e09fdbddb77f319abc73dddd0fcd8b925acd07ddf23eed9f470a455e6cfcc
font_02_sfnt_off0000d3dc.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xD3DC 17808 bytes
SHA-256: b3df8f1404ab1fa33493c47a66b5b68ca5ba69c919c0421c7e09f54e9c5ee893