MALICIOUS
Risk Score: 102
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF document contains a lure for a 'free generator / game hack' which redirects to a malicious URL. While no scripts were explicitly extracted, the PDF structure and embedded URLs suggest an attempt to redirect the user to a site that likely hosts further malicious content or exploits. The ML classifier also flagged this PDF as malicious.
Machine Learning
- Nyx PDF Classifier malicious score 0.6397
Heuristics 4
- PDF links to a 'free generator / game hack' redirector (critical, PDF_GAME_HACK_REDIRECT_LURE): PDF's clickable action targets a redirector of the form /app/<id>/<slug>-game-hack — the landing-page shape of a large SEO 'free spins / generator / game hack' lure family that funnels victims through rotating disposable hosts to a malware/scam payload. The multi-link variants also trip ML/link-farm rules; this catches the single-link variants that otherwise score clean. CRITICAL on its own: the /app/<id>/<slug>-game-hack path shape is unambiguous scam infra, and the host rotates so a host-list match can't be relied on.
- Visual download / call-to-action button lure (low, SE_DOWNLOAD_BUTTON): Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow.
- External URI (info, PDF_URI): PDF contains an external URL action.
- Embedded URL (info, EMBEDDED_URL): One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
  - URL https://enigmagenerator.com/app/431946152/roblox-game-hack (PDF link annotation)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size | SHA-256 |
|---|---|---|---|---|
| stream_003_off00006ea3.bin | decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x6EA3 | 25660 bytes | b78ce63cf269be1d368256e350c8a27a6170bc199a17d6f149e40f7300d0d880 |
| font_01_sfnt_off0000a7f7.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xA7F7 | 3884 bytes | 40b61f8938bd710dc29dc58ba3fde91c245a6a69596ec569b4d27c769ca417cf |
| font_02_sfnt_off0000b49e.bin | pdf-font-stream | PDF embedded font (sfnt) at offset 0xB49E | 19216 bytes | 42a7b49a745e8da3b08f32489a03fdf6f5ef5934b1b72904a2e02b5ef5472a72 |