SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains numerous URLs related to 'free Robux hacks' and 'Roblox cheats', indicating a lure for users interested in the game. The ML classifier flagged the PDF as malicious with high confidence. The presence of embedded URLs and the document body content strongly suggest a phishing or scam attempt to trick users into downloading further malicious content, likely another PDF or executable disguised as a hack.
Machine Learning
- Nyx PDF Classifier malicious score 0.9723
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/free-robux-hack-forum-by-envix PDF link annotation
- http://pourvosvacances.com/images/roblox-ultimate-driving-hack.pdfIn PDF document text
- http://jackson-pr.com/images/roblox-hack-999999-robux-pc-2021-august.pdfIn PDF document text
- https://www.laarsenco.nl/images/instalar-roblox-free.pdfIn PDF document text
- https://www.showalterpropertyconsultants.com/images/roblox-snow-shoveling-simulator-free-santa-bag-ijf.pdfIn PDF document text
- https://www.banhngoncaocap.com/images/free-robux-robuxgg.pdfIn PDF document text
- http://sfsbm.org/images/robux-hack-free-no-human-verification.pdfIn PDF document text
- http://leigraphics.com/images/roblox-2021-cheat-engin.pdfIn PDF document text
- http://www.eurologistiki.gr/images/free-shirt-design-maker-roblox.pdfIn PDF document text
- http://www.metinadistribuzione.com/images/robux-hack-2021-admin-codes.pdfIn PDF document text
- http://hardbit.cn/images/roblox-kohl-admin-house-hack-2021.pdfIn PDF document text
- http://towtrucklosangeles.com/images/who-hacked-cutelucyy9-on-roblox.pdfIn PDF document text
- http://arcnjournals.org/images/roblox-plus-ultra-stat-hack.pdfIn PDF document text
- https://septik-montag.ru/images/all-game-roblox-admin-gui-hack-working.pdfIn PDF document text
- http://www.imperialaccountingfl.com/images/how-to-get-free-robux-codes-2021-not-expired.pdfIn PDF document text
- http://pdapanache.com/images/how-do-you-get-free-tix-and-robux-on-roblox.pdfIn PDF document text
- http://joshherman.com/images/roblox-800-free-robux.pdfIn PDF document text
- http://harveycounty.com/images/can-my-roblox-account-got-hacked.pdfIn PDF document text
- http://www.colma.it/images/boku-no-roblox-stats-hack.pdfIn PDF document text
- http://racunari.in.rs/images/how-to-get-free-robux-by-watching-videos.pdfIn PDF document text
- http://restarmenia.com/images/can-u-make-a-shirt-in-roblox-for-free.pdfIn PDF document text
- http://dshikr.ru/images/synapse-roblox-exploit-download-free.pdfIn PDF document text
- http://safari-crimea.com/images/new-code-hack-speed-roblox-jailbreak.pdfIn PDF document text
- http://osteonad.com/images/robux-club-hack.pdfIn PDF document text
- http://quatangthienthan.com/images/cheat-roblox-pc-speed-run-4.pdfIn PDF document text
- https://www.alu-as.cz/images/free-robux-free-2021.pdfIn PDF document text
- http://apartstmichel.com.ar/images/free-obey-items-roblox.pdfIn PDF document text
- https://gafaseo.com/images/roblox-free-download-ipad.pdfIn PDF document text
- https://zszolesno.pl/images/free-50-robux-gift-card-generator.pdfIn PDF document text
- https://www.hofe-gmbh.de/images/broken-bones-iv-hack-roblox.pdfIn PDF document text
- http://somvisio.es/images/earn-free-robux-online-android.pdfIn PDF document text
- http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text
Extracted artifacts 2
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
font_00_sfnt_off00003da3.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x3DA3 | 20084 bytes |
SHA-256: e8e2dd87a2e28f46440fffbe1da74e2dac4ac3678f0d67b4a060137370443ca3 |
|||
font_01_sfnt_off00006840.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0x6840 | 18620 bytes |
SHA-256: 8828914e57a286984534ae51cec169e0d86f6a29bdf299bab208e46b6346c205 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.