PDF static analysis report

Static analysis result for SHA-256 5afdc424f2c19755…

SUSPICIOUS

PDF

60.9 KB Created: 2021-04-05 18:57:19 +07:00 Authoring application: wkhtmltopdf 0.12.6 (via Qt 4.8.7) First seen: 2026-06-04
MD5: 9069282c51448748fdfb2f50138fb54b SHA-1: 3d5894a1add79dda0f002db70660857fca3508e2 SHA-256: 5afdc424f2c19755aefa94a4324191d26e69d55c937f0744689913b5ac9474e2
42 Risk Score

Malware Insights

MITRE ATT&CK
T1566.001 Spearphishing Attachment T1204.002 Malicious Link

The PDF document contains multiple embedded URLs and a prominent link within the document body, all related to Roblox hacks and cheats. The ML classifier also flagged the PDF as malicious. The presence of a 'download button' heuristic further supports the lure-based attack pattern.

Machine Learning

  • Nyx PDF Classifier malicious score 0.6193

Heuristics 3

  • Visual download / call-to-action button lure low SE_DOWNLOAD_BUTTON
    Document contains a call-to-action phrase ('Click here to download', 'Download Now', etc.) — low-signal unless other findings point to a malicious workflow
  • External URI info PDF_URI
    PDF contains an external URL action
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://gaminggenerator.org/app/431946152/roblox-fly-hack-cheat-engine-6.4 PDF link annotation
    • http://www.malonmalon.com.ar/images/how-to-get-free-robux-on-roblox-mobile.pdfIn PDF document text
    • https://www.academiaanticorrupcion.org/images/roblox-account-free-trial.pdfIn PDF document text
    • http://www.eptaviation.com/images/free-avatar-maker-roblox.pdfIn PDF document text
    • https://scraperite.com/images/como-conseguir-diamantes-en-royale-high-roblox-hack.pdfIn PDF document text
    • http://ff-obertraun.at/images/free-roblox-account-2021.pdfIn PDF document text
    • http://ilcommercialista.info/images/free-gui-roblox.pdfIn PDF document text
    • https://tokunfome.com.br/images/how-to-script-hack-on-roblox-lumber-tycoon-2-money.pdfIn PDF document text
    • http://picuruta.com.br/images/roblox-free-online-no-installing.pdfIn PDF document text
    • http://www.boic.nl/images/roblox-jailbreak-hack-keycard.pdfIn PDF document text
    • http://nevesomost.by/images/framed-roblox-hack.pdfIn PDF document text
    • http://yochin.org.tw/images/nuevo-hack-para-dragon-ball-rage-cesarius-roblox.pdfIn PDF document text
    • https://rincondelentrenador.com/images/pet-simulator-hack-roblox.pdfIn PDF document text
    • http://www.gadanie.lv/images/roblox-hacks-and-cheats-2021.pdfIn PDF document text
    • http://vipservice-bg.com/images/roblox-titanic-infinite-points-script-hack.pdfIn PDF document text
    • http://sb2m.com.br/images/hack-para-tener-robux-enderrobux-117.pdfIn PDF document text
    • http://beer-holzhaus.ch/images/roblox-online-robux-hack-no-survey.pdfIn PDF document text
    • https://www.ncscolour.no/images/earn-free-robux-site.pdfIn PDF document text
    • http://www.cosver.nl/images/roblox-free-robux-but-not-a-scam.pdfIn PDF document text
    • https://www.iadh.bi/images/roblox-cash-grab-simulator-cheat.pdfIn PDF document text
    • http://echosvoix.ch/images/how-to-get-free-robux-2021-control-panel.pdfIn PDF document text
    • http://www.pcclawyers.com.au/images/www-resourcly-ml-free-robux.pdfIn PDF document text
    • https://pompesfunebresleveque.fr/images/free-supreme-roblox.pdfIn PDF document text
    • http://dennemaat.nl/images/roblox-apocalypse-rising-hack-july-2021.pdfIn PDF document text
    • http://www.pacoestrada.it/images/download-roblox-free-on-computer.pdfIn PDF document text
    • http://bunadsmaria.com/images/free-robux-instant-work.pdfIn PDF document text
    • http://www.zdravazena.sk/images/fight-the-monsters-roblox-hack.pdfIn PDF document text
    • https://www.seeingindependence.org/images/real-roblox-lumber-tycoon-2-hack-download-2021-no-script.pdfIn PDF document text
    • http://immo360grad.com/images/roblox-giant-hand-hack.pdfIn PDF document text
    • https://wandersuechtig.de/images/free-ninja-run-roblox.pdfIn PDF document text
    • http://kulturhusbabberich.nl/images/pastebin-roblox-free-catalog-dominus.pdfIn PDF document text
    • http://www.occquimica.com.br/images/roblox-boat-free.pdfIn PDF document text
    • https://www.najeebqasmi.com/images/free-roblox-clothes.pdfIn PDF document text
    • http://kruiz21.ru/images/roblox-get-free-robux-2021.pdfIn PDF document text
    • http://www.hawler.in/images/free-robux-hacks-that-actually-work.pdfIn PDF document text
    • http://www.vktzunami.cz/images/free-robux-copy-paste.pdfIn PDF document text
    • https://www.alu-as.cz/images/paste-bin-robux-hack.pdfIn PDF document text
    • https://estalagemmonteverde.com.br/images/free-catalog-items-roblox-2021-mobile.pdfIn PDF document text
    • https://domoticaaplicada.com/images/is-it-possbile-to-get-free-robux.pdfIn PDF document text
    • http://ns1.radiofacil.net/images/how-to-get-free-robux-without-installing-anything.pdfIn PDF document text
    • https://www.eglihotel.gr/images/free-robux-roblox-hack-no-human-verification.pdfIn PDF document text
    • http://behsanroshd.com/images/how-to-get-fre-robux-on-a-computer.pdfIn PDF document text
    • http://domaizdereva24.ru/images/robux-hack-menu.pdfIn PDF document text
    • https://www.saisystem.it/images/cheat-codes-for-roblox-for-xbox-one.pdfIn PDF document text
    • https://www.showalterpropertyconsultants.com/images/free-robux-without-checking-if-you-are-a-robot.pdfIn PDF document text
    • http://grabmyinfo.com/images/free-robux-and-tix-tricks-amp.pdfIn PDF document text
    • http://fairwaygolftravel.co.uk/images/free-daily-robux.pdfIn PDF document text
    • http://beer-holzhaus.ch/images/roblox-hack-tool-download-android.pdfIn PDF document text
    • https://www.fhccu.com/images/como-volar-en-roblox-hack-2021.pdfIn PDF document text
    • http://leigraphics.com/images/how-to-hack-roblox-and-get-unlimited-robux-2021.pdfIn PDF document text
    +16 more URL(s)

Extracted artifacts 3

Files carved from inside the sample during analysis.

FilenameKindSourceSize
font_00_sfnt_off00008128.bin pdf-font-stream PDF embedded font (sfnt) at offset 0x8128 26436 bytes
SHA-256: 0e0722d6071757fe24a5f7e00c8ef20abd4c9f0297dbd511cda24c8d6858d6ec
font_01_sfnt_off0000bbe9.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xBBE9 3884 bytes
SHA-256: 40b61f8938bd710dc29dc58ba3fde91c245a6a69596ec569b4d27c769ca417cf
font_02_sfnt_off0000c890.bin pdf-font-stream PDF embedded font (sfnt) at offset 0xC890 18876 bytes
SHA-256: 1165bcaeced21a3d5defa038bcb93323c2ca9febbbc083d70031fd07302fa889