MALICIOUS
72
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains numerous links to websites that claim to offer game hacks, specifically for Roblox. The heuristic 'PDF_GAME_HACK_LINK_FARM' indicates a link farm designed to lure users. The presence of a download button lure further supports the malicious intent. While no scripts were directly extracted, the document's structure and embedded URLs suggest it's part of a campaign to trick users into visiting potentially malicious sites, likely for credential harvesting or malware distribution.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 4
-
PDF carries game-hack generator link farm medium PDF_GAME_HACK_LINK_FARMPDF contains a gaminggenerator.org app lure together with multiple external PDF links whose filenames advertise game hacks, cheats, jailbreaks, or generators. This is a lure/delivery link farm rather than a PDF exploit: the risk is the linked redirection chain.
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/hack-de-robux-gratis PDF link annotation
- https://pneukalousek.cz/images/comment-entrer-un-code-sur-roblox-cheat.pdfIn PDF document text
- http://www.arredifunebri.com/images/free-epic-face-roblox.pdfIn PDF document text
- http://www.evaplast.by/images/fast-run-hack-roblox-murder-mystery.pdfIn PDF document text
- https://socialvalue.gr/images/final-stand-2-hack-roblox.pdfIn PDF document text
- http://hk-kan.org/images/roblox-how-to-change-your-username-for-free-2021.pdfIn PDF document text
- https://www.dierenartsberghman.be/images/how-to-hack-through-walls-in-big-brother-roblox.pdfIn PDF document text
- http://gods-own.org/images/fr-ee-hacks-for-roblox.pdfIn PDF document text
- http://sscclc.edu.ec/images/free-bear-mask-for-roblox.pdfIn PDF document text
- http://www.friendshiptransport.net/images/roblox-glitch-site-free-robux.pdfIn PDF document text
- http://www.ntc.edu.za/images/hack-werardevnet-roblox.pdfIn PDF document text
- https://shop.bellmann-muenzen.de/images/free-accessorys-althiem-online-roblox.pdfIn PDF document text
- https://consorziocsa-asicaivano.it/images/roblox-com-cheat.pdfIn PDF document text
- http://nosocomium.rv.ua/images/how-to-get-hacks-on-roblox-prison-life.pdfIn PDF document text
- http://learningarabic.co.uk/images/como-hackear-roblox-para-tener-robux-2021.pdfIn PDF document text
- https://www.cnte.org.br/images/roblox-hack-descargar.pdfIn PDF document text
- https://yarburservices.ru/images/roblox-pastebin-hack.pdfIn PDF document text
- http://finalstand.org/images/how-to-hack-for-robux-2021.pdfIn PDF document text
- http://eddieblum.nl/images/free-robux-with-inspect-2021.pdfIn PDF document text
- http://www.visiblefilm.com/images/roblox-do-you-want-free-robux-ad.pdfIn PDF document text
- https://bdhcpa.com/images/robux-free-verdienen.pdfIn PDF document text
- http://www.exikom.com.ua/images/roblox-how-to-get-robux-for-free-2021.pdfIn PDF document text
- http://stroygrad-spb.com/images/roblox-robux-simulator-hack.pdfIn PDF document text
- http://musical-arts.de/images/how-to-get-free-robux-on-roblox-on-xbox-one.pdfIn PDF document text
- http://www.marambio.com.ar/images/how-to-make-a-hacker-in-roblox.pdfIn PDF document text
- http://baah.ca/images/how-to-hack-roblox-no-verification.pdfIn PDF document text
- http://www.mikramarine.gr/images/how-to-get-free-clothes-on-roblox-with-builders-club.pdfIn PDF document text
- http://hospitalsalamanca.cl/images/jojo-characters-on-roblox-free.pdfIn PDF document text
- http://energotestcontrol.ru/images/how-to-make-your-own-hacks-for-roblox.pdfIn PDF document text
- http://grupodin.com.br/images/roblox-jailbreak-hacks-march-2021-working.pdfIn PDF document text
- http://ff-obertraun.at/images/free-robux-generator-group.pdfIn PDF document text
- http://pa-bengkulukota.go.id/images/roblox-all-gamepasses-for-free.pdfIn PDF document text
- https://enpav.it/images/robux-no-hacks.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/roblox-cheat-no-key-required.pdfIn PDF document text
- https://ghpa.ru/images/free-card-robux.pdfIn PDF document text
- http://samfora.de/images/are-roblox-hack-clients-a-thing.pdfIn PDF document text
- http://www.likto.eu/images/roblox-bee-game-hack-to-play.pdfIn PDF document text
- http://www.elis-strechy.cz/images/how-to-hack-atm-roblox.pdfIn PDF document text
- http://pourvosvacances.com/images/instant-hack-robux.pdfIn PDF document text
- http://businessfit.com/images/free-robux-place.pdfIn PDF document text
- http://beagles-of-harmony.de/images/champione-simulator-roblox-how-to-have-vip-chest-for-free.pdfIn PDF document text
- https://bdsm-centrum.com/images/roblox-promo-codes-free-2021.pdfIn PDF document text
- http://www.fluidtech.hu/images/hacks-tools-roblox.pdfIn PDF document text
- http://cristalysoptic.com/images/roblox-cheat-sheet.pdfIn PDF document text
- http://evro-okna.net/images/how-to-get-free-visits-on-roblox.pdfIn PDF document text
- http://www.remiauclair.fr/images/youtube-hack-roblox.pdfIn PDF document text
- http://bestwig.de/images/furk-roblox-hack-download.pdfIn PDF document text
- http://evp-sanorlenok.ru/images/free-group-generator-roblox.pdfIn PDF document text
- https://www.abrapppe.org.br/images/money-hack-roblox-vehicle-simulator.pdfIn PDF document text
- http://linens.kiev.ua/images/hacks-to-get-money-on-roblox-adopt-me.pdfIn PDF document text
+15 more URL(s)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off000080de.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x80DE | 25616 bytes |
SHA-256: e87a67abda267b04c5bf298b61c7dbd90eac17f89917912350f92cb2cb153102 |
|||
font_01_sfnt_off0000bb8d.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBB8D | 3884 bytes |
SHA-256: 40b61f8938bd710dc29dc58ba3fde91c245a6a69596ec569b4d27c769ca417cf |
|||
font_02_sfnt_off0000c834.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC834 | 18204 bytes |
SHA-256: 47aee6d3788fe12df3cee1f8c31358abbe9a591aef40ff1583517d6ab3228427 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.