Malicious PDF — malware analysis report

Heuristics 4

• PDF links to a 'free generator / game hack' redirector high PDF_GAME_HACK_REDIRECT_LURE
  PDF's clickable action targets a redirector of the form /app/<id>/<slug>-game-hack — the landing-page shape of a large SEO 'free spins / generator / game hack' lure family that funnels victims through rotating disposable hosts to a malware/scam payload. The multi-link variants also trip ML/link-farm rules; this catches the single-link variants that otherwise score clean.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL https://netcdn.xyz/app/431946152/free-robux-survey-game-hack PDF link annotation

  • http://www.valenciamaids.com/userfiles/files/teach-me-to-hack_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/gamehunters-club-coin-master_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/robux_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/how-to-start-a-minecraft-server-for-free_GM479516143.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/robuxmatchcom-free-robux_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/androeed-ru-minecraft_GM479516143.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/roblox-hack-tool_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/free-robux-place_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/coin-master-free-daily-spins_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/coin-master-coins_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/coinmaster-spin-ml-link_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/how-to-free-robux_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/free-robux-no-human-verify_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/free-coins-coin-master-link_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/coin-master-free-cards-link-2021_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/free-minecraft-account-and-password_GM479516143.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/free-promo-codes-roblox_GM431946152.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/download-hacked-games-coin-master_GM406889139.pdfIn PDF document text
  • http://www.valenciamaids.com/userfiles/files/aristois-minecraft-hack_GM479516143.pdfIn PDF document text
  • http://192.168.0.99/%20%3Cp%3E%3Cp%3EFree%20Roblox%20Robux%20Generator%20for%20Android,%20iOS,%20Xbox%20One,%20Microsoft%20Windows%20and%20macOS%20You%20Can%20Generate%20Unlimited%20Free%20ROBUX%20Get%20Unlimited%20Free%20Robux%20Click%20the%20button%20below%20!%3Cp%3E%3Cp%3Ehow%20to%20hack%20into%20my%20roblox%20account%3Cp%3E%3Cp%3Einject%20hack%20com%20roblox%20hack%20injector%3Cp%3E%3Cp%3Ehow%20to%20do%20sex%20hack%20roblox%3Cp%3E%3Cp%3EThe%20Free%20Robux%20Generator%20Hack%20No%20Survey%20/%20Roblox%20Free%20Hack%20Tool%20is%20versatile%20well%20disposed%20of.%20Roblox%20Hack%20is%20100%25%20safe%20and%20secure.%20It%20does%20not%20put%20your%20device%20at%20any%20risk.%20As%20there%20is%20no%20need%20to%20download,%20you%20can%20have%20online%20access%20to%20this%20hack%20tool.%3Cp%3E%3Cp%3Edragonfire%20mod%20minecraft%20tiny%20turtle%20download,%20The%20Light%20Fury%20is%20a%20medium-sized%20Strike%20Class%20dragon%20and%20a%20close%20relative%20of%20the%20Night%20Fury%20that%20first%20appeared%20in%20How%20to%20Train%20Your%20Dragon:%20The%20Hidden%20World.%201%20Official%20Description%202%20Development%203%20Physical%20Appearance%203.1%20Hatchling%20to%20Adult%204%20Abilities%204.1%20Firepower%204.2%20Stealth%204.3%20Cloaking%204.4%20Speed%20and%20Agility%204.5%20Strength%20and%20Combat%204.6%20...%3Cp%3E%3Cp%3Ehow%20to%20get%20free%20robux%20ant%3Cp%3E%3Cp%3ERoblox%20How%20To%20Nograv%20And%20Speed%20Hack%20With%20Cheat%20Engine%206%204%20Video%20Onlajn.%20Roblox%20nopde%20engine%206%204%20how%20to%20become%20invisible.%20Roblox%20God%20Mode%20Hack%20Cheat%20Engine.%20How%20To%20Walk%20Though%20Walls%20Noclip%20On%20Roblox%20Using%20Cheat%20Engine%206%204.%20How%20to%20walk%20though%20walls%20noclip%20on%20roblox%20using%20cheat...%3Cp%3E%3Cp%3EHow%20to%20get%20any%20item%20in%20ROBLOX%20for%20FREE!%20August%202020%20new%20method.%20Business%20inquiries:%20RotoriousBusiness@gmail.com%20In%20this%20video%20IIn PDF document text
  • http://en.wikipedia.org/wiki/MIT_LicenseIn PDF document text

Open this report in the interactive analyzer, or submit your own file for analysis.