SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The document contains numerous URLs related to 'free Robux' and a heuristic firing for 'ML_NYX_PDF_MALICIOUS' indicates a high likelihood of malicious intent. The presence of embedded links and the document body's theme suggest a phishing or scam attempt to trick users into visiting malicious sites. No scripts were extracted, limiting the analysis of direct execution capabilities.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/can-you-get-robux-for-free-froom-roblox-hames PDF link annotation
- http://tegeler-segler.de/images/how-to-get-robux-for-free-2021.pdfIn PDF document text
- http://www.sapaengineering.kz/images/how-to-hack-roblox-games-on-android.pdfIn PDF document text
- http://www.apocalissedigesucristo.com/images/how-to-get-free-robux-on-roblox-2021-android.pdfIn PDF document text
- http://neumann.fr/images/how-to-have-free-robux-2021-and-exemple.pdfIn PDF document text
- http://www.evaplast.by/images/cheats-on-roblox-2021.pdfIn PDF document text
- http://matweb.pl/images/roblox-mm2-hacks.pdfIn PDF document text
- http://solidcommunication.ch/images/connection-free-mail-roblox.pdfIn PDF document text
- https://xn--80adfcepoood1a3b.xn--p1ai/images/clothes-in-roblox-free.pdfIn PDF document text
- http://www.bbnest.it/images/how-to-get-free-robux-2021-december-2021.pdfIn PDF document text
- https://www.nema.go.ke/images/free-shark-teeth-roblox.pdfIn PDF document text
- http://cosver.eu/images/roblox-ice-cream-simolator-mit-fly-hack.pdfIn PDF document text
- http://jackson-pr.com/images/roblox360com-free-robux.pdfIn PDF document text
- https://www.najeebqasmi.com/images/how-to-hack-roblox-accounts-kid.pdfIn PDF document text
- http://pastelli.gr/images/free-roblox-template-shirt.pdfIn PDF document text
- http://www.anies.eu/images/free-robux-generator-roblox-2021.pdfIn PDF document text
- https://www.eglihotel.gr/images/btools-hack-script-roblox.pdfIn PDF document text
- http://www.gongoff.com/images/are-there-any-roblox-hacks-that-actually-work.pdfIn PDF document text
- https://www.elevage-chiot.fr/images/free-robux-extensions.pdfIn PDF document text
- http://bc97.de/images/free-cute-royale-high-outfits-roblox.pdfIn PDF document text
- http://www.bernerpupping.at/images/roblox-case-clicker-cheat.pdfIn PDF document text
- https://www.audipec.com.br/images/roblox-grand-blox-auto-money-cheat.pdfIn PDF document text
- https://estalagemmonteverde.com.br/images/roblox-ultimate-driving-cheat-engine.pdfIn PDF document text
- http://lakomat.by/images/roblox-jailbreak-hack-money-cheat-engine.pdfIn PDF document text
- https://gomsa.nl/images/subscribe-to-get-free-robux.pdfIn PDF document text
- https://www.mvp.co.nz/images/roblox-hack-apk-unlimited-robux.pdfIn PDF document text
- http://www.eptaviation.com/images/how-to-get-free-robux-2021-ad.pdfIn PDF document text
- https://omhelsjehart.nu/images/free-robux-cheats-no-survey.pdfIn PDF document text
- http://www.zdravazena.sk/images/roblox-free-robux-hack-no-human-verification-youtube.pdfIn PDF document text
- https://ogm-goettingen.de/images/como-hackear-mad-city-roblox.pdfIn PDF document text
- http://www.flotom.at/images/free-redeem-robux-cards.pdfIn PDF document text
- https://academy.cr/images/bloxland-free-robux-promo-code.pdfIn PDF document text
- http://brandyourbody.com/images/best-roblox-games-with-free-radio.pdfIn PDF document text
- https://pa-waingapu.go.id/images/how-to-get-free-robux-no-download.pdfIn PDF document text
- http://aviaprofsoyuz.info/images/how-to-get-free-obc-roblox.pdfIn PDF document text
- http://petarda.hu/images/da-hood-hacks-roblox-s.pdfIn PDF document text
- https://www.stkdb.cz/images/redeem-free-robux-code.pdfIn PDF document text
- http://www.remiauclair.fr/images/dll-hacks-for-roblox-2021.pdfIn PDF document text
- http://stroygrad-spb.com/images/how-to-find-hacker-matrix-egg-in-roblox.pdfIn PDF document text
- https://semanasantacehegin.com/images/cheat-codes-for-roblox-mad-city-cash.pdfIn PDF document text
- http://www.brtes.com/images/cheat-engine-btools-roblox-hack.pdfIn PDF document text
- http://greenoase.be/images/dayz-3-beta-roblox-cheats-cods.pdfIn PDF document text
- https://www.stkdb.cz/images/how-to-hack-jailbreak-roblox-2021.pdfIn PDF document text
- http://www.sapaengineering.kz/images/any-way-to-get-free-robux.pdfIn PDF document text
- http://www.inservis.cl/images/how-to-get-free-clothes-on-roblox-without-bc-2021.pdfIn PDF document text
- http://columbuscigar.com/images/get-free-hats-on-roblox-2021.pdfIn PDF document text
- http://abletrustcare.com/images/scripts-for-hacks-roblox.pdfIn PDF document text
- http://horsa18.ru/images/how-to-inject-proxo-roblox-hacks.pdfIn PDF document text
- https://zapoj-kharkov.com.ua/images/cheat-roblox-2021-bee-swarm-simulator.pdfIn PDF document text
- http://yochin.org.tw/images/roblox-murder-mystery-2-wls-3-hack.pdfIn PDF document text
+21 more URL(s)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008489.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8489 | 25980 bytes |
SHA-256: b554fd85328f9836b85450c46fdf5a4fbb636dd7189088864abc18aaaa385408 |
|||
font_01_sfnt_off0000bf03.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBF03 | 3312 bytes |
SHA-256: 40bd8eebcb3a0d68a8646f1930e84f30a44bfa48525263c6c528f0bc1e9c1677 |
|||
font_02_sfnt_off0000ca52.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xCA52 | 18428 bytes |
SHA-256: 5b274ec5496f5d4f4fc3cf5cfa7abe98fe5db69afde0596d2b80bdf12631eea7 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.