Malicious PDF — malware analysis report

Heuristics 4

• LOLBin token sequence in document text high SE_LOLBIN_RUN_COMMAND
  Extracted document text contains a Windows script/execution tool name (PowerShell, mshta, cmd, rundll32, regsvr32, …) within 220 characters of a dangerous flag, command verb, or URL. This is a visible 'run this' instruction in HTML/PDF/RTF lure bodies, or — in macro-laden Office files — the macro's own string-pool entries appearing adjacent in extracted text.
• Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
  Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
• External URI info PDF_URI
  PDF contains an external URL action
• Embedded URL info EMBEDDED_URL
  One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  URL http://gaminggenerator.org/app/431946152/download-roblox-for-free-online PDF link annotation

  • http://pia2000.net/images/free-robux-no-personal-information.pdfIn PDF document text
  • http://pa-tanjungselor.go.id/images/roblox-free-bc-2021.pdfIn PDF document text
  • http://cmme.it/images/roblox-hack-no-human-verification-no-survey.pdfIn PDF document text
  • http://brandyourbody.com/images/best-roblox-games-with-free-radio.pdfIn PDF document text
  • https://digitalsenseafrica.com.ng/images/roblox-obbys-free.pdfIn PDF document text
  • http://stackideas.com/images/how-to-get-free-wings-on-roblox-2021.pdfIn PDF document text
  • http://salantiskis.lt/images/how-to-hack-roblox-account-with-edit-this-cookie-2021.pdfIn PDF document text
  • https://www.lavigny.ch/images/roblox-hack-kavra-rolplay.pdfIn PDF document text
  • https://www.manmed.info:443/images/hack-struicid-stop-start-roblox.pdfIn PDF document text
  • http://getthelook-bkk.com/images/roblox-studio-app-free.pdfIn PDF document text
  • http://armatrutz.de/images/free-robux-restraunt-tycoon.pdfIn PDF document text
  • https://gabrieliassociati.com/images/jailbreak-roblox-hack-2021-february.pdfIn PDF document text
  • http://musical-arts.de/images/running-cheat-engine-with-roblox.pdfIn PDF document text
  • https://www.ghknights.org/images/phantom-roblox-hack.pdfIn PDF document text
  • http://www.occquimica.com.br/images/free-robux-no-buying-apps.pdfIn PDF document text
  • http://www.hawler.in/images/cheat-roblox-prison-life.pdfIn PDF document text
  • http://ruksnaitis.com/images/roblox-piano-the-fat-rat-monody-hack-delay.pdfIn PDF document text
  • http://jointworkstudio.com/images/roblox-hack-account-free.pdfIn PDF document text
  • http://www.fluidtech.hu/images/roblox-damage-hack.pdfIn PDF document text
  • http://www.lycee-langevin-wallon.com/images/how-to-get-free-robux-by-pressing-one-button.pdfIn PDF document text
  • http://www.eurosan1.ba/images/white-t-shirt-roblox-free.pdfIn PDF document text
  • http://pia2000.net/images/fly-roblox-lauc-script-hack-pastebin.pdfIn PDF document text
  • http://legs11.co.za/images/booga-booga-roblox-cheats.pdfIn PDF document text
  • http://ilcommercialista.info/images/design-it-cheats-roblox.pdfIn PDF document text
  • http://eddieblum.nl/images/get-free-roblox-by-playi.pdfIn PDF document text
  • https://bancroftandsons.com/images/bleu-hack-roblox-download.pdfIn PDF document text
  • https://www.coriglianocalabro.it/images/how-to-get-free-robux-using-cmd.pdfIn PDF document text
  • http://fotoflas.gr/images/http-roblox-hack-site.pdfIn macro / runtime command snippet
  • https://www.elevage-chiot.fr/images/free-roblox-shirt-creator.pdfIn macro / runtime command snippet
  • http://aistplus.ru/images/anti-cheat-blocker-roblox.pdfIn macro / runtime command snippet
  • https://www.seeingindependence.org/images/roblox-work-at-a-pizza-place-cheats.pdfIn PDF document text
  • https://www.albisser.ch/images/free-robux-2021-july-inspect-element.pdfIn PDF document text
  • http://caraless.com/images/fake-get-free-robux-website.pdfIn PDF document text
  • http://domaizdereva24.ru/images/free-roblox-john.pdfIn PDF document text
  • http://www.pacoestrada.it/images/fastbux-me-free-robux.pdfIn PDF document text
  • https://www.hbproducts.dk/images/roblox-dungeon-quest-get-unlimited-gold-and-free-vip.pdfIn PDF document text
  • http://www.pcclawyers.com.au/images/roblox-hack-cleant-jailbraik.pdfIn PDF document text
  • http://www.agri-tech.com.au/images/free-robux-generator-real-2021.pdfIn PDF document text
  • https://www.tsdb.com.au/images/how-to-get-the-snowman-pachege-free-in-roblox.pdfIn PDF document text
  • http://www.mosaikshop.at/images/rbxrocks-free-robux.pdfIn PDF document text
  • http://bkd1.balikpapan.go.id/images/hackaron-robux.pdfIn PDF document text
  • http://ims-77.fr/images/hack-skyploit-v2-roblox.pdfIn PDF document text
  • http://selectionspdf.fr/images/how-to-get-the-kitsune-for-free-roblox.pdfIn PDF document text
  • https://cintasoeste.com.ar/images/limited-universe-robux-hack.pdfIn PDF document text
  • https://www.albisser.ch/images/roblox-highschool-how-to-get-free-gear.pdfIn PDF document text
  • https://gomsa.nl/images/how-to-legally-get-free-robux.pdfIn PDF document text
  • https://tokunfome.com.br/images/how-do-you-hack-phantom-forces-on-roblox.pdfIn PDF document text
  • http://getthelook-bkk.com/images/i-need-robux-for-free.pdfIn PDF document text
  • https://www.knxuk.org/images/new-hack-for-roblox-2021-december-download-mediafire-jailbreak.pdfIn PDF document text

  +13 more URL(s)

Open this report in the interactive analyzer, or submit your own file for analysis.