SUSPICIOUS
42
Risk Score
Malware Insights
MITRE ATT&CK
T1566.001 Spearphishing Attachment
The PDF contains numerous URLs pointing to game-related hacks and cheats, with a prominent URL for 'roblox-hack-apk-pc-download'. The ML classifier flagged the PDF as malicious, and the presence of external URIs suggests an attempt to redirect the user to a malicious download. Although no scripts were explicitly extracted, the document's structure and content strongly indicate a phishing or malware distribution attempt.
Machine Learning
- Nyx PDF Classifier malicious score 0.6193
Heuristics 3
-
Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTONDocument contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
-
External URI info PDF_URIPDF contains an external URL action
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://gaminggenerator.org/app/431946152/roblox-hack-apk-pc-download PDF link annotation
- http://www.boic.nl/images/roblox-promo-codes-2021-free.pdfIn PDF document text
- http://nevesomost.by/images/dragon-ball-z-rage-roblox-hack-2021.pdfIn PDF document text
- https://www.gvandenakker.nl/images/get-free-robux-instantly-no-human-verification.pdfIn PDF document text
- http://www.jureclomas.com.ar/images/cheat-roblox-jailbreak-2021-tp-unpatched.pdfIn PDF document text
- http://www.nielsen2u.dk/images/como-hackear-roblox-para-tener-robux-2021.pdfIn PDF document text
- http://altc.de/images/get-free-obc-roblox.pdfIn PDF document text
- https://www.air-shop.cz/images/free-robux-no-human-verification-2021-ios.pdfIn PDF document text
- https://www.albisser.ch/images/rbxnowgg-free-robux.pdfIn PDF document text
- http://cosver.eu/images/how-to-get-100-000-robux-for-free.pdfIn PDF document text
- http://panaceafamilymedicine.com/images/hacks-of-roblox-2021.pdfIn PDF document text
- http://safari-crimea.com/images/free-builders-club-code-roblox.pdfIn PDF document text
- http://www.adravietnam.org/images/roblox-cheat-engine-70-bypass-2021-rog.pdfIn PDF document text
- https://fkg.usu.ac.id/images/pet-simulator-cheats-roblox.pdfIn PDF document text
- https://www.foodsafety.cz/images/how-to-get-free-roblox-clothes-2021.pdfIn PDF document text
- https://europainstitut.hu/images/change-leader-stats-roblox-hack.pdfIn PDF document text
- http://gops.pruszczgdanski.pl/images/best-free-roblox-jailbreak-hack.pdfIn PDF document text
- http://www.les2alpes-location.com/images/roblox-auto-clicker-free.pdfIn PDF document text
- http://www.gongoff.com/images/dignity-roblox-hacker.pdfIn PDF document text
- http://bb-im2.com/images/how-to-hack-a-roblox-account-april-2021.pdfIn PDF document text
- http://aadvanderklaauw.nl/images/robux-robux-robux-free-game-in-roblox.pdfIn PDF document text
- http://leigraphics.com/images/roblox-hack-no-key.pdfIn PDF document text
- http://www.hhls.com.au/images/robux-hack-no-human-verification-or-survey-2021.pdfIn PDF document text
- http://www.fluidtech.hu/images/roblox-hack-sans-verification-humaine.pdfIn PDF document text
- http://museumkk.ru/images/how-to-get-free-robux-free-codes.pdfIn PDF document text
- https://www.fhccu.com/images/how-to-get-free-robux-quiz.pdfIn PDF document text
- http://condit-pack.com/images/hacks-para-roblox-dragon-ball-rage-2021.pdfIn PDF document text
- http://salon-vyshyvanka.com/images/como-hackear-una-cuenta-de-roblox.pdfIn PDF document text
- https://wandersuechtig.de/images/box-prizes-free-robux.pdfIn PDF document text
- https://fkg.usu.ac.id/images/john-doe-roblox-hacker-story.pdfIn PDF document text
- https://scraperite.com/images/online-hack-robux.pdfIn PDF document text
- http://www.mikramarine.gr/images/free-roblox-estudios.pdfIn PDF document text
- https://www.najeebqasmi.com/images/free-robux-app-for-roblox.pdfIn PDF document text
- http://aeroclub-kaernten.at/images/free-promo-codes-that-give-you-robux.pdfIn PDF document text
- https://www.yewtreealpacas.co.uk/images/how-to-hack-into-accounts-in-roblox-2021.pdfIn PDF document text
- http://www.evaplast.by/images/free-redeem-code-roblox-2021.pdfIn PDF document text
- http://immobil-service.it/images/free-robux-no-inspect-element.pdfIn PDF document text
- http://eurocomes.com/images/guess-the-drawing-roblox-hack.pdfIn PDF document text
- https://www.stkdb.cz/images/free-robux-on-roblox-easy-and-fast.pdfIn PDF document text
- http://pdapanache.com/images/obby-games-on-roblox-free-online-games.pdfIn PDF document text
- http://www.kalaaliaraq.dk/images/codes-to-get-free-robux-may.pdfIn PDF document text
- http://www.fanciullovito.it/images/roblox-apocalypse-rising-spawn-hack-2021.pdfIn PDF document text
- https://ai-appenzell.ch/images/how-to-get-free-robux-no-password.pdfIn PDF document text
- http://stansabbiatura.com/images/all-of-the-hairs-that-are-for-free-on-roblox.pdfIn PDF document text
- http://kids-academy.pl/images/como-crear-un-hack-para-roblox.pdfIn PDF document text
- http://firesafetyservices.biz/images/roblox-lumber-tycoon-2-cheat-codes.pdfIn PDF document text
- https://meltonschool.org/images/is-john-doe-a-hacker-in-roblox.pdfIn PDF document text
- http://www.hawler.in/images/corrupt-roblox-torso-free-servers.pdfIn PDF document text
- http://www.pro-futuro.eu/images/roblox-free-robux-deutsch-pc.pdfIn PDF document text
- http://www.thecoffeebaron.co.za/images/free-roblox-scripts-for-studio.pdfIn PDF document text
+20 more URL(s)
Extracted artifacts 3
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
stream_003_off00008380.bin |
decompressed-pdf-stream | PDF FlateDecoded stream at offset 0x8380 | 25500 bytes |
SHA-256: b764bfc2f408f5c1415d7e8f2108e6d25405e7edfdb6bef961bf8954bf62ef1e |
|||
font_01_sfnt_off0000bcbc.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xBCBC | 2844 bytes |
SHA-256: baad2f3f6808f4af03fa9398e38c580c8d846f7f773a947d8cc1f39b2753d31a |
|||
font_02_sfnt_off0000c67d.bin |
pdf-font-stream | PDF embedded font (sfnt) at offset 0xC67D | 18268 bytes |
SHA-256: 045492e516647a8b8f1c6f9287833e3580b65de17161b963319ed0e048b6eda1 |
|||
Open this report in the interactive analyzer, or submit your own file for analysis.